Imagine someone sends you a promotional calendar.  Do you pay any attention to it?

What if it has your name on it?

What if it has your picture on it?

Perks have long been a sales tactic.  At one end of the spectrum are the luxury items -- free tickets, expense account steak dinners and single malt, “training” sessions in exotic locations.  At the other end, there’s still a drive to differentiate, to promote, and to build relationships but instead of luxuries, they turn to personalization. 

When it comes to privacy, personalization can go tragically wrong. 

In the past week, we’ve seen a couple of egregious examples of personalization gone wrong – Office Max sending one of its customers promotional mail that included the address line “Daughter Killed in Car Crash”  and Bank of America offering a credit card to Lisa Is A Slut McIntire.   

It’s reminiscent of the revelations last year about how Target (and others) collect and analyze customer information, leading to situations where they are marketing to a profiled pregnant teenager before her father even knew she was pregnant!

Or how about when Wired UK sent out uber-personalized covers to selected subscribers and opinion makers, back in 2011.   One recipient’s personalized cover apparently included the following information:  name, age and birthdate, address, previous address, parents address and (apparently mined from his twitter account) the fact that he had met up with his ex-boyfriend earlier in the month. 

Thing is, we read these news stories or we hear about the incidents and they are intrusive and frightening but they are also distant.  Far removed from us.  Companies elsewhere profiling people we don’t know.    I’ve talked before about the stupid user, the way that line of thinking offloads responsibility onto the individual user rather than on the organization(s) who are exploiting the information – one of its other effects is the insidious way it encourages individuals to buy into it, to presume that a user whose privacy is invaded in this way has brought it upon themselves, has somehow “allowed” this to happen to them, a mindset that implicitly promises that the rest of us are still safe.  Simultaneously highlighting risks and reinforcing the stupid user mindset.

Of course, whether the companies are near or far, whether their victims are known to us or strangers shouldn’t matter.  Doesn’t matter, really.  Though that doesn’t change the fact that when the distance is bridged, when it’s someone or somewhere we know, it hits closer to home. 

This week, I talked to someone who received a calendar in the mail from a printing company with whom his organization had dealt in the past.   A simple promotion, but an opportunity to show off the company’s product and bring the company name to the forefront of a customer’s mind.    To raise their offering out of the ordinary, the company had personalized the calendar.  Again, a fairly simple idea – we’ve all seen the hats, the logo t-shirts and golf shirts, the monogrammed pens.  So this time, the company went one step further – they personalized the calendar not only with his name, but with a picture of him.  A picture that he says they must have gotten from his Facebook even though he’s not Facebook friends with anyone at the company. 

It’s not telling your parents that you’re pregnant.  Or mistakenly name-calling or revealing agonizing personal details in a label.  Nor is it splashing your personal information all over a magazine cover.   Indeed, he says it’s not that bad.  That he probably didn’t have strong enough privacy settings (or any privacy settings) on his photos. 

You see how insidious that stupid user thinking is?    An invasion of privacy and he’s already taking responsibility for it, bringing up the issue of privacy settings.  He doesn’t want to shame the company, make a complaint, or look for compensation.  Despite his discomfort with the invasion, he still holds himself accountable. 

Is that fair?  ‘Cause that’s what happens when we buy into stupid user – we blame each other.  We blame ourselves.  And the companies that mine our personal information, that crawl our online presence(s), that pull our personal photos off Facebook and use them for marketing purposes (in contravention of Facebook’s own Terms of Use) – they get to keep doing it.