On March 17, 2014, ING announced that it no longer had plans to serve ads to its customers based on their banking habits. In an open letter, Nick Jue, the company’s chairman, announced that it would halt all plans for the advertising pilot project.
The bank announced the project just the week before. If it had gone through, it would have allowed companies to push targeted advertising to its customers based on their payment history. Although ING’s director of private banking Hans Hagenaars claimed that the plans “are a logical step towards the future of targeted advertising,” both the bank’s clients and consumer organizations raised concerns about the proposed pilot project, especially with regards to the possible massive violation of privacy.
Consumentenbond, a Dutch consumer organization, went one step further, saying that “there is no law permitting the sale of any data that’s yours.”
At first, the plans were considered a step towards targeted advertising. The bank put together a special team to analyze its customers’ payments. According to Hagenaars, “ING is responsible for handling the most payment traffic in the Netherlands. Not only do we know what people spend their money on, we also know where they do it.”
He continued to explain how information sharing would eventually be a positive thing for customers: “Let’s say someone spends a couple of hundred euros at garden center A every year. If garden center B knows this, they can make the customer an extremely competitive offer, so that in the future, the customer will come to them.” It wasn’t mentioned where the ads would be placed.
Initially, ING said that the scheme would benefit consumers, reassuring clients that the pilot would not be launched anytime soon. The open letter from Jue read:
“We have not been clear enough about the sensitive topic of customer data, causing an avalanche of worried response from our customers. These responses clearly demonstrate that there are a lot of questions and concerns about the protection of customer data, for which I sincerely apologize. ING is not and has never been planning on selling individual customer and transaction data and… the pilot was intended to help customers better manage their personal finances by helping them save money through customized offers.”
Of course, the bank was forced to relent. It promised that the pilot would be put on hold:
“Of course we listen extremely well to all the signals we receive. Therefore, we will enter into consultation with our customers about how ING can best be of service in saving on daily expenses. We will engage in conversation with customers, regulators, privacy groups and consumer organizations to determine how and whether we will proceed with this. Whether we will actually launch a pilot with a select group of interested customers, when and under what conditions, will be determined after these conversations. Since we want to take due time to talk to all parties, and our customers in particular, the pilot will be put on hold for now.”
In Favor of Privacy
After the release of the open letter, Consumentenbond commented that it considered this a victory for privacy:
“The news that ING has decided to refrain from using its customers’ information for third-party offers for the first time being is very good news… The consequences of this plan have not been given enough thought and it has led to mass confusion, astonishment and indignation. That is extremely bad for the relationship of trust between consumers and the banks, which offers much room for improvement as it is.”
Dutch bank ING has decided not to continue an advertising plan that would have used its customers’ payment histories to serve targeted ads. Its decision was announced after an outcry by consumer groups and customers.
CIPP Exam Preparation
In preparation for the Certified Information Privacy Professional/Information Technology (CIPP/IT), a privacy professional should be comfortable with topics related to this post, including:
- Purposes and uses of PII (I.C.c.)
- Privacy expectations (II.A.)
- Personalization – end user benefits and privacy concerns (II.C.a.; II.C.b.)