Merger raises Net privacy flags

The proposed merger of two data marketing giants has online privacy advocates up in arms.

Announced Friday, Great Universal Stores (GUS) agreed to acquire Metromail (ML) for more than $800 million in stock.

If approved by federal regulators, the buyout will result in a direct marketing behemoth with access to one of the world's largest storehouses of consumer credit history.

The U.K.-based GUS owns Experian, one of America's "Big Three" credit bureaus, which store individuals' credit history. When a landlord runs a credit check on a potential renter, for example, she pays a small fee to one of these three firms.

The merger "will provide great opportunities for Metromail's customers and prospects," Barton L. Faber, Metromail president and chief executive, said in a statement.

Critics believe the merger has ominous implications for privacy.

"Metromail has already demonstrated that they want to grab every major source of data available about consumer behavior so that they can tie it all together, ready to sell on demand," Jason Catlett of the antispam group Junkbusters wrote in an email interview. "Now they're reaching for the biggest and richest source around: one of the big three credit reference agencies."

A Metromail spokeswoman today declined to comment on the specifics of the merger--including plans to integrate the services of Metromail and GUS--until after it is completed.

One privacy advocate said the true threat to user privacy comes with combining several databases. With seemingly innocuous information, such as zip code and date of birth, a marketing company can ferret out a wealth of demographic information and public documents such as driving records and the cost of someone's house, said Tara Lemmey, a board member of TRUSTe and founder and chairman of Narrowline, an Internet-based ad-transaction and information services company.

The merger raises questions that the Federal Trade Commission, which held high-profile privacy hearings last summer, is likely to want answered before approving the deal.

A Metromail representative testified at those hearings that the company keeps its marketing database separate from other "reference" databases, such as credit check or warranty information.

"It has become apparent that the real question is intention of use...Is the data being used for something other than its original intention?" Lemmey said.

Another issue stems from the upcoming European Union rules on database privacy: "Any company within the EU is going to be under a high degree of scrutiny with the directive in October," Lemmey noted.