E-receipts – a “convenience” open to abuse

At sign and hand

What do you do when a shop assistant asks for your email address when you’ve just made a purchase?

The reason they give is that they want to send you a receipt by email (an e-receipt). They will say it’s better sent by email because that way you have a permanent record, the receipt won’t get lost, destroyed in the wash, faded in the sunlight, eaten by the dog, etc.

Are you handing over more than money if you choose an e-receipt?
Indeed, there are perfectly legitimate advantages to both sides. Those accruing to the vendor include not having to handle a paper receipt (that might contain a toxic chemical called Bisphenol A) and saving money (and planets) on till rolls.

On the other hand, there are some serious implications for data privacy – and these aren’t confined to reciting (and even spelling out) your email address in front of the queue of shoppers standing behind you.

According to the provisions of the GDPR (General Data Protection Regulations), the retailer must tell you in advance how your data will be used and must give you the opportunity to decline any marketing advances that use the email address you’ve just given them. Fair enough, as long as they actually do that and you can give informed consent (bearing in mind that the queue behind you is not just breathing down your neck, but is now breathing fire). And it’s just not realistic to expect the shop assistant to explain to you in this situation just who they are intending to share your information with (which they are obliged to do).

Paper receipts
The decline of paper receipts might become another threat to our privacy
So, it’s very easy to get into a situation where providing an e-receipt is actually more time-consuming and difficult than providing a paper one and the retailer might not gain your informed consent before bombarding you with marketing messages.

What I am more worried about, though, is whether your email information and purchasing history are being kept private by the retailer.

According to Thisismoney:

The Information Commissioner’s Office (ICO) is concerned shops that issue e-receipts could be using customers’ email addresses for other purposes and flouting data protection laws. The watchdog is also worried that shoppers’ details might be sold to third parties without their knowledge.

More and more shops are offering e-receipts
If you think that your shopping receipt and email address are not worth anything, consider that there are organisations that will actually pay you for your scanned receipts. (see wellkeptwallet, for instance). Why? Data. Data is very valuable.The concern is that some processes that send you an e-receipt, ostensibly for your convenience, might also sell that data to third parties.

And it might not even be illegal if you’ve been told about their privacy policy and that they do sell it – and if you’ve had the chance to read the privacy policy and agreed to it, and if you’ve understood the implications, and if the person behind you in the queue hasn’t had apoplexy by now. That’s an awful lot of “ifs”.

Some people just don’t care about privacy of their data. Their typical response when probed about this attitude is a shrug of the shoulders and “I’ve got nothing to hide”. Well, if you belong in that camp then good luck to you (and your data and your privacy). I don’t.

So, when asked for my email address I politely request a paper receipt. In most cases, I get one even though the vendor has no legal obligation to provide a receipt in a face to face transaction. This strikes me as rather bizarre, but I’ve found this stated on a number of websites. I sent an email to my local trading standards office asking them to confirm it, but they haven’t favoured me with a reply.

And, if the retailer won’t give me a “proper” receipt? I give them a throwaway gmail account that I set up just for this purpose. It does not include my name, and is unlikely ever to be traceable back to me (other than by the omnipotent Mr Google, of course).

Are we losing the fight for our privacy? Quite possibly, but I’m not giving up easily.

Some further reading for you, if you haven’t given up either:





Donations Jar
Just click on the jar…