The original blogs I posted about TrueCar.com have had more than 40,000 page views. This issue of who’s rooting around your data is going viral.
A lot of auto-retailing people are mad that the marketing firm and others like it give consumers all sorts of proprietary pricing information, then sends them to dealers in the form of leads that dealers pay for if they become buyers.
But the real question is whether TrueCar is the disease or a symptom of a greater epidemic sweeping through the dealership world.
I have questions concerning its business model. Is TrueCar a broker? I don’t know. I believe it is in some states, according to law. It should be addressed by qualified government agencies.
However, that’s just a minor distraction from the real issue.
The larger issue that many people sidestep with pious doubletalk about transparency is that TrueCar and dozens of other vendors are siphoning off dealership data with no policemen looking over their shoulder.
What if you discovered some identity thief rooting around your belongings with intent to do you financial harm, maybe ruin your life? Well, I believe a number of vendors who want to bring down the retail automobile business as we know it are using our data as a weapon.
Mr. and Mrs. Dealer, what in the heck are you thinking here? When the consumer lawsuits come, and they will, who is going to be held liable? Not the vendor, but rather, the dealerships that allowed customer-privacy information to be looted out of their computers.
All of the information the government requires you to lock away and keep under strict security in the real physical world is virtually available in your dealership-management system, and you’re allowing people with vaguely defined purposes access to it.
The most sensitive data is the customers’ financial information, which opens up an entire category of liability exposure when vendors access it without safeguards.
I picture the cross-examined dealer in court saying, “But Your Honor, they promised they weren’t going to do anything with all of that customer information I gave them.”
That is true; they do promise not to misuse customer data. But why do they need it, and who else are they sharing it with?
I am not talking just about TrueCar, but also about every vendor given access to dealership data.
I have read dozens of agreements dealers are signing with vendors. They all contain similar language that is chilling, to me anyway. It is along these lines:
“We reserve the right to use macro-level, aggregated data to evaluate performance and best practices with the primary objective of better understanding customer behavior, pricingtrendsand other statisticalinsightsthat may lead to an improvedimplementation.”
Macro-level aggregated data? Almost every one of them has that language. These vendors are taking 39 fields (or more) of customer identifiable information out of your computers. And they reserve the right in their contracts to share this information with “affiliates.”
Not only are you giving up the data, you also are signing off on allowing them to pass it on.
So if one affiliate partner has access to sales data that personally identifies consumers, and another affiliate has access to financial-transaction data, could they theoretically combine these ingredients and bake a tiered cake?
I am a modern Paul Revere trying to wake up the countryside. Where are our dealer associations on these issues of endangerment?
And most dealers have stupidly – yes, I said stupidly – allowed vendors unlimited information access instead of specific information for specified purposes. You didn’t take the time to scrutinize why they needed so much information that has literally nothing to do with their stated purpose. Wake up!
Auto makers need to get off the sidelines and take a stand to preserve the value of their products.
A full vetting of vendors by an independent body is necessary.It’s time to re-examine who is getting what.
Keep those calls and emails coming.
Jim Ziegler, president of Ziegler Supersystems, is a trainer, commentator and public speaker on dealership issues. He can be reached at firstname.lastname@example.org.