You’re not paranoid. They really are out to get … your data.
Where you shop, what you buy, the websites you look at, even your Twitter feed — it’s all of interest to a wide range of companies.
Financial institutions and other businesses have long used transaction information and consumers’ online activity to sniff out fraud and find marketing opportunities, said Murray Jennex, a San Diego State University professor who has studied the subject extensively.
Now, those companies are taking the next logical step and trying to predict potential credit risk based on lifestyle choices, he said. They’re even trolling for information on social-media sites such as Facebook, which improved its privacy standards last week after intense criticism.
How can what you buy hurt your credit? It could work something like this: If you’re married and then you sign up for eHarmony.com , it might mean you’re headed for a divorce, often a devastating financial blow. In response, a credit-card company could determine that it’s time to lower your credit limit, Jennex said. If you’ve downgraded your shopping experience from, say, Nordstrom to Walmart, that switch could be a potential red flag for financial hardship, too.
“It might not seem fair,” he said. “But from a risk standpoint it makes perfect sense.”
When it comes to social-media sites — Twitter, Facebook and the like — it’s less clear how businesses are using the data, but experts agree that a host of companies are capturing every available scrap of information posted, looking at who your friends are, double-checking your e-mail address and monitoring your likes and dislikes.
“The more you are on the Internet, the more information they (companies) are getting about you,” Jennex said.
Most credit-card companies and financial institutions, however, say they aren’t using this type of data to make credit decisions.
Capital One, for instance, says it doesn’t use “predictive data mining,” which is the use of electronic information to figure out whether someone might be a credit risk in the future, nor does it monitor social-media sites.
A representative from Chase also said his company doesn’t monitor social media, but added that its risk-management process is proprietary.
Still, Jennex and other industry insiders said they would be surprised if companies, especially credit-card issuers, aren’t using transaction behavior to make those determinations.
Kenneth Lin, the CEO of Credit Karma, which provides free, ad-supported access to credit scores, said he helped build predictive models when he worked in the credit industry. The information that can be gleaned is too beneficial to be ignored, he said.
If a credit-card company can improve its default rate by even one-quarter of a percent, that could translate into hundreds of millions of dollars.
“It’s a competitive business,” Lin said. “Every company is looking for an advantage.”
Ed Mierzwinski, director of consumer programs at the U.S. Public Interest Group, a consumer advocacy organization, said that while credit-card companies have to explain in detail why they are denying people credit, they don’t have to provide an explanation to customers when they slash credit limits or cancel cards.
He said that although the practice isn’t new, most consumers are unaware of what credit-card companies are tracking and how closely.
“The problem with this is it’s sort of like if a tree falls in the woods,” Mierzwinski said. “If you have been discriminated (against) by these practices, you’d never know.”
Kevin Mukri, a spokesman for the Office of the Comptroller of the Currency, a branch of the U.S. Treasury that regulates national banks, said credit cards are the riskiest of loans because they are unsecured. Because of that, the government gives banks that offer credit cards a wide berth in assessing risk.
“Especially now that a person’s risk can change rapidly,” he said.
While it might seem off-putting to think that a credit-card company is looking at your transactions — even if it’s just a computer watching for patterns and anomalies among gobs of data — Lin said the practice can benefit responsible credit-card holders. By eliminating or reducing credit limits on less-reliable customers, more creditworthy consumers won’t see their fees increase to help cover the costs of writing off bad debt.
And because there’s so much at stake, industry watchers say it makes sense that credit-card companies and third-party vendors would turn their focus to the data-rich world of social media.
James Fowler , a professor at the University of California San Diego and co-author of “Connected: The Amazing Power of Social Networks and How They Shape Our Lives,” said that because of the desire to reduce risk, credit-card issuers and other companies view social-media websites as an informational treasure trove. He said Facebook, which was roundly criticized when it made it easier for everyone to see users’ pages, offers so much behavioral data that it would be nearly irresistible not to collect and analyze it.
“If I were a credit-card company, I’d want to try and acquire the whole data set,” Fowler said.
Jennex of SDSU agreed that the new frontier in data mining is social-media sites. Companies such as Bay Area-based Rapleaf provide analysis of tweets, friend connections, most recent activity on a social-media site as well as users’ profile information.
Much of the data collected off such sites are already used to help companies market their services or to assess fraud. For instance, if you happen to be a good Citibank customer, the bank might market its service to your friends. If you apply for a loan and the e-mail address on your Facebook page doesn’t match the one on your application, it could point to a possible problem.
Still, Lin said he doubts the information is being used to predict behaviors — at least not yet.
Data mining and predictive analysis takes time — creating hypotheses, testing assumptions, checking for statistical differences. Social media, for all their pervasiveness, are still in their infancy.
“We are not at the point where you can predict behavior based on a person’s tweets or Facebook status updates,” Lin said.
Want some modicum of privacy? Murray Jennex, an information-systems professor at SDSU, recommends the following:
• If possible, use two computers — one for banking and one for surfing the Web and social-media sites.
• Don’t post anything that you don’t want everyone to know.
• Don’t post anything about your dating life. Keep your birth date private.
• Check spokeo.com, which pieces together data from a variety of online sources. You can see how much is known about you already. Don’t correct inaccuracies, Jennex says. If you want, you can remove your information by going to spokeo.com/privacy.
• Use cash for purchases as much as possible.
• If you have more than one credit card, rotate their use.
By Jennifer Davies, UNION-TRIBUNE STAFF WRITER