Macy’s refuses to hand over customer data

With a trial set to start next month, Macy’s remains locked in battle with the Los Angeles District Attorney’s office over the privacy of its customer data.

The department store chain was originally targeted by the office on a false advertising charge of selling children’s jewelry containing heavy amounts of lead under a “lead nickel free” banner. A February 2008 voluntary recall of the jewelry affected multiple retailers. The office later asked for Macy’s customer information in order to best notify those who may have been affected by the health threat.

LA Deputy District Attorney Daniel Wright obtained a subpoena in January 2009, pushing Macy’s to reveal its customer information, but the retailer did not respond.
During an April 7 hearing, Macy’s attorneys argued that customers’ privacy expectations kept them from revealing point of sale and CRM data on customers who purchased the jewelry. The retailer also noted that, because the DA’s case was concerned with false advertising and not the recall, turning over customer names was an inappropriate request.

A trial on the false advertising charge is set for May 4.

“Any typical privacy policy says, ‘We will disclose information if required to do so by law,’ and if Macy’s can’t quash the subpoena they will be required to disclose it,” said Bob Gellman, an independent privacy and information policy consultant. “I suspect they don’t want to give it up because it will make the situation look worse, but I’m mystified as to their reasoning.

“This is the downside of maintaining all this personal information in gory detail because when something happens there’s an obligation on the part of the merchant to take action and notify,” Gellman continued. “It’s a significant expense, but it seems to me hard to explain why you’re not going to send individual notices to consumer when you have their information. If the DA’s office sticks to their guns, I’m sure they will get the information.”

The type of information requested complicates the case: Macy’s claims to not have information on every customer who purchased the jewelry. Those who paid for the jewelry with a Macy’s credit card or Macy’s Visa should be trackable, but those who paid with cash or other credit cards may be difficult or impossible to identify.

Further complicating Macy’s privacy argument is the fact that the company willingly sells its customer information to list companies. Mailing lists for “Macy’s and Bloomingdales Buyers” and other Macy’s customers are available on

Neither Macy’s nor the LA District Attorney’s office returned phone calls as of press time.

Related Posts