Privacy or rewards? Some card programs force you to choose
Want your bank or credit card issuer to keep your information private? You may have to give up some perks.
Some cardholders have found that if they opt out of allowing their bank to share their personal information with third parties, they can no longer take advantage of certain cash-back offers from merchants.
Those rewards, which the industry calls "card-linked loyalty offers," typically pop up on your bank's website or app. You click on an offer to activate it on your card -- say, $10 cash back if you spend $25 at Panera or $15 back if you spend $79 at Wal-Mart -- and then when you shop there, the reward is loaded directly onto your card.
Consumers like card-linked offers because they're simple and convenient -- you don't have to print anything or remember to bring a piece of paper into the store. And unlike other forms of advertising, they're highly personalized.
"What typically happens with these offers is that merchants use transactional payment information to create specific campaigns they think will be valuable and relevant to you," said Alex Johnson, senior analyst in the credit advisory service at Mercator Advisory Group. So a retailer may target you if you shopped there in the past but haven't made a recent purchase, or if you shopped at a nearby competitor.
That individualization makes the offers more relevant, but it's also why some -- but not all -- card issuers exclude customers who don't want their data shared.
"The way some programs work, if you opt out of sharing, the issuer can't give the merchant the data they need to create those offers," Johnson said.
Federal law requires annual privacy notices
Under federal law, financial institutions must send customers a privacy notice every year listing the ways they may share your information and giving you the option to opt out.
Jason Berk of Long Island, New York, took advantage of that option after receiving a privacy notice from his bank, First Tennessee. A few months later, he received an email from First Tennessee touting "cash rewards" from several retailers. But when he clicked on the link, a message popped up saying the offers weren't available to him. A customer service rep explained he wasn't eligible because he opted out of information sharing.
"I was really upset," Berk said. "I felt like they were penalizing me for opting out. Customers shouldn't be under that kind of pressure."
When CreditCards.com inquired, a spokesman emailed a statement from Chris Van Steenberg, who oversees the bank's credit operations. Steenberg said the offers are specific to each card and vary based on where the cardholder already shops and the purchases made with the card.
In order to provide offers relevant to each specific cardholder, we must share customer information.
Chris Van Steenberg
First Tennessee Bank
"In order to provide offers relevant to each specific cardholder, we must share customer information," the statement said. "However, the privacy opt-out does not allow us to share the information required to offer these rewards. Therefore, we cannot include cardholders that have elected the privacy opt-out. For the Cash Rewards program to work as intended and provide the most benefit to each individual customer, sharing of customer information is required."
Steenberg noted that cardholders who opt out are still eligible for the bank's main rewards program, which allows customers to earn points for dollars spent on the card. Those points can be redeemed for merchandise or cash back.
That did little to appease Berk, who said they shouldn't need his information to grant the merchant cash-backs: "Why can't purchases I make at specific retailers be tagged by First Tennessee internally, so that discounts can be applied without sharing my information?" He noted that other financial institutions and organizations seem to be able to do that.
Other banks' programs
Indeed, several card issuers, including Bank of America and American Express, told CreditCards.com they are able to extend card-linked offers even to customers who opt out. "We do analyze your shopping habits, but it's all done internally," said AmEx spokeswoman Ashley Tufts. "We have a closed loop."
Johnson said the discrepancy may stem from mechanical differences in how the programs are run or who funds the rewards -- the bank or the retailer. If a reward is purely merchant-funded or merchant-driven, the merchant needs access to the data in order to offer relevant rewards, he said.
Silvio Tavares, CEO of The CardLinx Association trade group, said the fact that some banks don't provide the benefit to cardholders who take the privacy opt-out demonstrates how different card-linked offers are from other forms of digital advertising, which may use your data whether you like it or not.
"This is an explicit bargain," Tavares said. "The consumer says, 'I'm willing to share a little data, and in return I get a benefit to me.' With these deals, you are in control of your data."
In most cases, he said, customers have to opt in twice to receive the deals: once when they agree to have their information shared and then again by clicking on an offer to load it onto their card. "Most advertising is spam that you don't want," he said. "The thing that's different about these is that it's 100 percent opt-in."
Gary Leff, a credit card rewards consultant who blogs at BoardingArea.com, said he hasn't heard any complaints about the practice, but he personally doesn't mind sharing data in order to receive more relevant offers and rewards he might actually be interested in.
Leff said a customer's transaction data is extremely valuable, and he wouldn't be surprised if more banks started capitalizing on that by requiring customers to share information before they can earn rewards. "Although it may not be common now, the banks that are doing it may be the start of a trend," he said. "Banks could fund their entire rewards programs by monetizing that data."
See related: Cross-device tracking raises privacy issues
- As banks talk with Facebook, time to review your privacy rights – With Facebook seeking customer data from banks, federal privacy protections let you opt out of some data sharing by financial institutions ...
- As data breaches increase, here's how to cut your identity fraud risk – As data breaches increase, it is easier to cut the risk that your card data and other personal info will be stolen. Dark web scans, free credit reports and virtual card numbers can ease your anxiety about identity theft ...
- Protect your card details, identity from being doxxed – Even if you’re not in the public eye, just the fact that you have a digital footprint means you and your sensitive financial information could be exposed to the growing doxxing epidemic ...