From The New York Times (photo by Tim Gruber for The New York Times), a picture of eBureau headquarters in St. Cloud, Minnesota. You provide the data, and they provide your profile to increasingly savvy marketers. But that’s only part of the story.

On Thursday night, Paul and I had dinner. We split the bill. I charged. He paid me the difference in cash. On Friday night, some neighborhood friends went out to dinner, and I used Paul’s cash to pay our share. On Saturday, I couldn’t resist a 50%-off-everything sale at a local record store, and charged about $40 for about twenty great old LPs. Last week, we went on vacation, and like good Americans, we enjoyed the convenience of our credit cards.

Along the way, apart from the two cash transactions, we generated a cluster of data, enough to build a profile of recent activities. Add the detailed list of supermarket purchases, online book purchases, and EZ-Pass comings-and-goings, and our data stream is sufficient for any reasonably competent marketer to do their online stuff. Add Google’s record of our online searches, Verizon’s record of every TV program we watch, and the picture becomes more complete.

Does Verizon need to know what I watch? Do they need to keep a record of every minute detail of my channel flipping? Is there, somewhere, a complete lifetime record of every subscriber’s viewing history. If there is, shouldn’t I know that? If there’s not, shouldn’t I know that, too? And shouldn’t there be some sort of understanding between me and Verizon about the data that they do and do not collect, and how it might be used? And shouldn’t I understand every word of that agreement?

In theory, each private transaction resides between me and an independent vendor. I choose my vendors with some care, and I am comfortable with the idea that they will use my past purchase history to present me with new marketing offers. If, for example, EZ-Pass notices that I commute on the same routes regularly, I am interested in a discount program for commuters.

My interest ends, rather abruptly, when one vendor provides data to another without my express written permission. In most cases, I would NOT grant that permission. I suspect your personal policy would be the same as mine.

Access to data about my every purchase: useful. Sharing that data with marketers willing to pay for access: priceless.

There is, however, one stupendous soft spot in my argument. I use a credit card. And, I suppose, in some version of logical argument, my transactions with VISA, MasterCard and their affiliated banks, provides some level of permission to share data about my purchases with marketers. I think this is an over-reach, and, increasingly, I believe that my transactions with these companies ought to be private, released, perhaps, only when my creditworthiness is open to question when purchasing, say, a new couch, and I expressly offer my permission, in any extremely limited way, specifically for that transaction. (Of course, this, too, introduces complexity because my creditworthiness cannot be evaluated without a gateway to lots more of my data.)

This morning’s New York Times tells the story of eBureau, one of several companies that tracks my combined purchases and provides a profile (a score, actually) to companies with an interest in selling me something, most often online. In the case of eBureau, the game is not only determining an individual’s credit score, but also the individual’s value to an individual marketer based upon past purchase patterns, zip code, income level, and more. In essence, eBureau advances the concept of a lead qualification to a massive scale. Buried in the article are concerns about privacy, secrecy (the scores are not available to the affected consumers, only to eBureau’s clients), and extension of the concept to other forms of marketing. What’s more, e-scores are likely to widen the digital divide, offering better deals to those with certain profiles, and so on.

On the side of the people: a very overworked PIRG organization battling on so many fronts.

In the NY Times article, The US Public Interest Group and the Federal Trade Commission both express specific concerns about new digital scoring and the inadequacy of current law to define appropriate practices, but the related issues are rapidly emerging with tremendous velocity, depth, and complexity.

Where does this lead? I think it ought to lead to some serious discussions about consumer protection in the digital age. We’re way behind on the development of law in this space, and, quite reasonably, marketers and opportunists are taking good advantage of the lag, and establishing precedents that will be difficult to challenge or disassemble in the future.