Tips & Advice

Is sharing personal data for free java worth the risk?

Charlotte Empey, 11 October 2018

No cash required at this coffee shop. Students pay the price with their personal data.

Despite the hoopla surrounding Facebook, Google, and others being accused of deceiving users into sharing personal data, it seems the level of comfort with people exchanging personal data is becoming more and more accepted.

Take Shiru Cafe in Providence, Rhode Island, for example, where Brown University students “pay” for coffee, but not with cash. Instead, they are asked to provide a slew of personal information in exchange for their morning java.  

While professors are allowed to pay, students get free coffee by providing data, including their names, phone numbers, email addresses, majors, birthdates, and professional interests, all entered in an online form. According to the cafe, students are aware that by giving up their personal information, it is subject to being shared with corporate sponsors, but not third parties. These sponsors, who include companies like JP Morgan, Nissan, and Microsoft, are in turn marketing to the students through physical and digital advertisements, apps, logos, surveys, and more. Often, those efforts are focused on recruitment.

shiru-cafe-data-collection-1Some of the personal data collected by Shiru Cafe website,
plus a lot more about their major, preferences on
company size they would like to work for, IT technical skill set, etc.

Shiru's website claims: "We have specially trained staff members who give students additional information about our sponsors while they enjoy their coffee."

Jacqueline Goldman, a graduate student at Brown is putting her trust in the cafe, saying “I’m giving tons of organizations my data and not getting any goods or services back. Shiru is being transparent.”

While this may be the case, and this ‘pay with data’ model is gaining interest from marketers, particularly given the new GDPR restrictions, it’s an approach that could also pose serious risks. Privacy concerns continue to mount around the ever-increasing number of data breaches, many of which have taken place with retailers like Macy's, Under Armour, Best Buy and Panera Bread.

Jacob Furst, a professor of computer security at DePaul University, was quoted in New York Magazine saying that concerns could arise if students were required to connect to the cafe's Wi-Fi, which would allow access to a much wider range of information that could be accessed by third parties.

While retailers and marketers continue to seek new ways to personalize offers and services based on customer personas and data, companies need to ensure a level of security appropriate to the risk.

Avast Security Evangelist Luis Corrons has another take: “Let’s put it this way,” he explains. “When you run out of money, you can’t buy more coffee. Once you give away your data, you are broke – they already have what they were looking for.” Maybe it’s a good exercise, he adds, “if it helps people realize how important it is for people to protect their personal information.”

With Shiru Cafe planning to open more locations near Amherst College, Harvard, Yale, and Princeton, it remains to be seen if free java will be a risk or a reward.