Back in December 2010, when Walgreens sent out its first breach notifications, one of the troubling aspects was that despite the fact that consumers had unsubscribed from their mailings, their data had been retained. The December 2010 notification email read, in part:
We realize you previously unsubscribed from promotional emails from Walgreens, and that will continue. As a company, we absolutely believe that all customer relationships must be built on trust. That is why we believe it is important to inform you of this incident. Online security experts have reported an increase in attacks on email systems, and therefore we have voluntarily contacted the appropriate authorities and are working with them regarding this incident.
So why did they retain his data when the customers had clearly unsubscribed? How does it inspire trust if you keep data that you are no longer supposed to use when hanging on to it increases the risk that it will be acquired by cybercriminals? How is that a relationship built on trust?
Fast forward and it appears that it has happened again. The latest round of Walgreens notifications reads, in part:
[…]
We realize you previously unsubscribed from promotional emails from Walgreens, and that will continue, but we feel an obligation to make you aware of this incident. We regret this has taken place and any inconvenience this may have caused you. If you have any questions regarding this issue, please contact us at 1-855-814-0010. We take your privacy very seriously, and we will continue to work diligently to protect your personal information.
Sincerely,
Walgreens Customer Service Team
So why were those data still on Epsilon’s servers? Was that a function of Walgreens’ policies about data retention even for unsubscribers?
Shouldn’t “unsubscribe” mean “Pretend you never met me and I never gave you my email address. Delete it.” And do most customers believe that when they unsubscribe, their data are being deleted?
Don’t tell me to read the privacy policies as we all know most people don’t really read them.
Why isn’t there a popup next to the “subscribe” button that tells you that your name and email address will be sent to a third party and will never be deleted even if you unsubscribe? How about:
By subscribing, your name and email address will go to a vendor that we trust, even if you don’t know who they are. And your data will remain with that vendor even after you die, barring any act of Congress or the FTC.
Wouldn’t that at least be more transparent if you’re not going to delete the data when the customer unsubscribes?
Walgreens has not (yet) responded to an inquiry I sent them about this issue earlier today.