
sector currently plays an important role in providing expertise on U.S. data protection developments. We have established good working relations with data protection authorities in Europe and elsewhere which should help in formulating provisions that are fair to all parties.

There are a variety of U.S. Government agencies, departments and
offices in existence that are capable of performing useful data
protection functions and some of these could represent U.S.
interests abroad. Perhaps what is needed is the establishment of
direct, ongoing responsibility within the State Department, the
office of the U.S. Trade Representative, NTIA or other organizations
for: monitoring international data protection developments; the
advocacy of U.S. data protection policy; preparation of a U.S.
position dealing with EC protective measures based on data
protection "equivalency" issues; and the establishment of a contact
point for foreign inquiries to the U.S. Government.

Some examples of potential problems are:

• The European Commission has made it clear that nations may impose restrictions on use and interconnection of telecommunications services and facilities if those restrictions legitimately flow from bona fide data privacy concerns. This allowance is tolerated even under EC market opening initiatives.

• The Council of Europe has promulgated a data protection Convention which allows the COE member states to "prohibit or subject to special authorization transborder flows of personal data" going to another country if the regulations of that country fail to provide "equivalent" data protection. Similar rights are accorded if the data would transit a country with regulation failing to provide "equivalent" data protection. Denmark, France, Germany, Luxembourg, Spain and the UK have so far ratified into law the COE Convention. However, Italy, Greece and Portugal have no data protection laws.

Question 2: Could you clarify the respective rights of Citicorp and participating supermarkets over possession and use of identifiable consumer information generated by "frequent buyer" programs? What information can the supermarkets maintain and use and what information can Citicorp maintain and use?

Answer:

Under our existing agreements with retailers, Citicorp POS is the owner of the identifiable consumer information and has the sole right to use such information commercially. Citicorp will, on request, make purchase behavior information about a retailer's customers available to a retailer in order to enable the retailer to communicate with its own customers about in-store promotions and other matters of interest to them, but not for any other purpose. The retailer is prohibited from making this information available to third parties. Generally, Citicorp POS agrees not to disclose information concerning one retailer's customers to another retailer.

Question 3: You testified that Citicorp will not release purchase information that might be detrimental to consumers. Could you provide some examples of what type of purchase information would be withheld under this standard?

Answer:

When we say that Citicorp POS will not release purchase information that might be detrimental to consumers we mean that we carefully consider the potential impact on consumers of a proposed use of the data before we authorize the use. By way of example, Citicorp POS would not make its database available to a life insurance company for the purpose of excluding smokers from an offer nor would we make our database available to a cigarette manufacturer for the purpose of distributing discount coupons to non-smokers.

Question 4: You testified that Citicorp does not respond to requests for information about specific individuals without their consent or a court order.

Question 4a: Do the supermarkets that collect the information operate under the same policy?

Answer:

Information on consumer purchases, while collected electronically through the supermarket cash register, is transferred nightly over phone lines to Citicorp POS where it is entered into Citicorp's main frame computers. The supermarket does not have the information to provide. It can only obtain the information from Citicorp POS for use in marketing to, or otherwise communicating with, its own customers. If a supermarket were to request that Citicorp POS provide information so that the supermarket could provide it to a third party we would not supply it since it would run counter to our policy not to provide such information absent the consumer's consent or a court order.

Question 4b: How would you advise a supermarket to respond in the following hypothetical situation? Suppose that a woman is abducted from a supermarket parking lot. She tells the police that there was a supermarket bag in the car with a loaf of bread, bottle of milk, and can of baked beans. The police ask the supermarket manager for a list of everyone who purchased those items.

Answer:

As mentioned in response to the previous question, the supermarket does not have this information on hand and Citicorp POS would not provide the information to the supermarket to provide to a third party. If the request were made directly to Citicorp POS, we would not provide the information absent an appropriate court order or other legal process.

Also, Citicorp POS might well not have in its database information as to who bought those items on the day in question. We are continually assessing our database to determine the precise level at which we should maintain data. We are considering compressing the data to a level other than individual transactions. Were we to so compress our data we may not, for example, be able to identify the specific day of the week on which any individual bought the items in question or the specific form (e.g. a can) of the item which the consumer bought.

Question 4c: If a court order is received for a copy of the identifiable records of a specific consumer, will Citicorp and/or participating supermarkets notify the consumer of the court order in order to allow the consumer to contest the order?

Answer:

As a general rule, Citicorp POS would notify the consumer that a court order to review the consumer's file had been received. However, we would evaluate the facts of each situation to determine if special circumstances exist which might cause for us to deviate from our general policy.

Question 5: The Video Privacy Protection Act (Public Law 100-618) provides that personally identifiable records of video rentals and sales be destroyed as soon as practicable, but not later than one year from the date when the information is no longer necessary.

Question 5a: Does Citicorp have a policy about the destruction of personally identifiable records generated through the supermarket program?

Answer:

At present, Citicorp POS does not have a set policy which calls for destruction of data after a given date. We are interested in storing only the data we need. As we gain greater knowledge of the depth of information needed by our customers to make informed marketing decisions, we will be in a better position to establish a data destruction policy.

Question 5b: Does Citicorp have or expect to have the ability to track individually identifiable purchases over a period of years? Is it possible that Citicorp might eventually have an identifiable profile of consumer purchases over a decade or even a lifetime?

Answer:

While Citicorp POS certainly could maintain records of a consumer's identifiable purchases over an indefinite period, it is not our intention to do so. As stated in response to the previous question, we are not yet in a position to make an informed decision on what the maximum retention period should be. Information covering a number of years could not be stored on line but would have to be transferred to tape or other media and would be so expensive and time consuming to access as to be commercially impractical.

Question 5c: Will Citicorp develop the ability to track purchases over a period of time to identify lifestyle patterns or changes in habits? For example, will Citicorp be able to identify whether a consumer is likely to be a vegetarian or whether a consumer eats less red meat or more oat bran than in the past?

Answer:

To a great extent, the answer to this question is a function of Citicorp POS's ultimate decision on records retention as discussed above. The longer the period the more likely that such lifestyle patterns or changes could be tracked. However, it is our view that maintaining such data on all the individuals in the database would be uneconomical and of no commercial value.

During the question and answer period following the formal presentation, you asked that I supply the Subcommittee with a sample of the form of program application currently being used by Citicorp POS. I am enclosing for the Subcommittee's use a dozen copies of the type of application being used in connection with our Reward America program. You will note that on the inside page of the application consumers are advised that their purchases will be automatically recorded and that they will be receiving offers and information from the retailer and third parties based on their purchases. Consumers are also given the option not to have their purchase information disclosed by merely checking the box at the bottom of the application.

I hope the foregoing will be of assistance to the Subcommittee. Should you have any further questions, please feel free to contact us.


APPENDIX 2.-LETTER FROM DAVID J. ANDERSON, MANAGER, FEDERAL RELATIONS, TRW, INC.
