Banks and other financial services companies have a leg up when it comes to data base marketing since they already know who their customers are, where they live, and what kinds of accounts they have.
These building blocks were already in place at the beginning of the data base era. As a result, more than a few financial institutions are among the most sophisticated users of data base information. For example, Capital One Financial, the credit card specialist spun off from Signet Banking Corp. earlier this year, is in some ways the most proficient data base marketer in the world.
But there's a serpent lurking in this marketing paradise: Consumer privacy. And plain old stupidity is the serpent's handmaiden. If companies are dumb about data bases, the government, whether controlled by Democrats or Republicans, will step in to regulate. No one appreciates having their privacy violated.
Indeed, dumb and dumber was the theme for l994. The year began with the infamous Nynex disaster, when the regional phone company mailed millions of brochures to customers asking them to use their calling cards. Data base technology enabled Nynex to print customers' personal identification numbers on the mailers, which, incredibly, lacked an envelope. Anyone could look inside and find out the PIN. Customers were horrified, to say the least.
With a kind of unholy symmetry, l994 ended with allegations that one of America's largest data base providers had its hands in the information cookie jar. Metromail allegedly obtained the names of consumers illegally from California voter-registration rolls and then conducted a survey in which consumer information was gathered under false pretenses.
Such cases illustrate how clueless and obtuse businesses can be about consumer privacy. Privacy concerns are not a passing fancy, nor do they derive from a consumerist, antibusiness bias. Like anxieties about disease, crime, and environmental pollution, it's all over the culture and it's not going to go away.
Fortunately, financial institutions haven't made mistakes of this magnitude. But the clock is ticking and unless financial services marketers take steps, disaster is inevitable.
And the potential for disaster is greater for banks than for Nynex and Metromail because those two companies don't have a fiduciary relationship with their customers. The media will have a field day with the first big bank that blows it badly. And equity - both brand and stock - will suffer.
The more you know about your customers, the easier it is to violate their privacy. Accidents will happen, even to smart people in the best of circumstances. Stupidity can be costly: Metromail, for example, is facing a class-action in California that could cost the company as much as $10 billion.
Being dumb and dumber will put financial institutions smack up against a regulatory lawn mower that will wipe out data base marketing's huge potential. Here's how to get smart and stay smart about privacy:
Create a privacy policy. Make sure anyone with customer-contact responsibilities is briefed on it. Anyone asking a customer service representative at a Top 50 bank about privacy policies is likely to be greeted by stunned silence, hemming and hawing, or vague platitudes.
That's not enough. Specificity is the rule here; the more specific the better.
Large financial institutions should go even further to create and publicize privacy mission statements. They should appoint privacy advisory boards that consist of company management, consultants, legislators, academics, and journalists. A well-respected, statesmanlike figure should be recruited as a privacy ombudsman.
Who's doing a good job with privacy policy right now? Citibank comes to mind. Statement enclosures to customers state Citibank's position - "Your privacy is important to us" - and give customers an opportunity to opt out from mailings.
Don't reveal third party-specific customer data without prior permission. Several years ago, car renters got letters from a manufacturer noting that they had recently rented a certain model. The car maker offered an incentive to visit the local dealership to take a closer look at the car. But the car rental company hadn't asked its customers for permission to release this kind of information, and all hell broke loose.
Does this concern wipe out the marketing partnership and cobranding businesses? Should a financial company simply not share any information, period? Not necessarily. Just be sure to aggregate all information beyond name and address, and don't go beyond the kinds of basic demographics - home ownership, for example - easily available from public sources. But get permission first.
Give customers a chance to opt out from data bases. But do so carefully, because it's tricky. Direct mail and telemarketing, the two key data base media, are in a sense invisible to consumers - who are often unaware of their own responsiveness. People unconsciously classify anything they respond to as "non-junk." But when you offer opting out, they tend to think in terms of unwanted junk mail and junk calls.
Solution: Always remind customers how they benefit from receiving information about other products and services before you give them the chance to remove themselves from your data bases.
Be conditional and general in your use of information. Don't write a letter saying "Congratulations! You're 47." Just say "Happy Birthday." If you have travel data about your customer, don't write "Because you travel often to Boston, you'll be pleased to learn you can now get discounts at the following restaurants." Instead write, "If you travel to Boston ... "
Exceptions: loyalty and frequency programs based on transactions. These customers have joined these programs voluntarily and presumably know the rules. And you can mention information customers expect you to keep track of. For example, a bank wishing to upgrade a customer to a better kind of checking account might reference the customer's average balance of $10,000.
One more thing: Credit card marketers have to stop congratulating prospective cardholders on their excellent credit histories. Savvy consumers today know that a stranger (the card issuer) has gone to another stranger (the credit bureaus) to find out intimate details of their lives. And it's making them furious.
Have a damage control strategy ready to go when things go wrong. Accidents will happen, and will happen more frequently as data bases get bigger and better. It's clear that Nynex and Metromail didn't even have the most elementary kinds of damage control strategies. Work with public relations specialists - this isn't the kind of thing that lends itself to do-it-yourselfers. And remember the two basic rules: Don't be defensive, and do overcorrect the problem.
Make sure you publicize specific safeguards against the problem recurring. Customers will forgive you once. But if you make the same mistake twice, expect mass defections.
James R. Rosenfield is chairman of Rosenfield & Associates, a San Diego-based marketing consulting firm.
