Walmart is watching you. The retail behemoth has built one of the largest and most invasive private surveillance systems in the world. From the moment you walk into a Walmart store, your every move is being tracked, recorded, and analyzed by a sophisticated network of cameras, sensors, and artificial intelligence. Walmart‘s surveillance operation is so vast and secretive that even many of its own employees don‘t fully understand its scope or purpose. But a deeper dive into Walmart‘s privacy policy and data collection practices reveals the shocking scale of the company‘s spying apparatus.
Walmart‘s Staggering Data Collection by the Numbers
It‘s nearly impossible to fathom just how much data Walmart collects on American consumers each year. As the world‘s largest retailer, Walmart serves over 240 million customers per week across nearly 5,000 stores in the U.S. ^1. That‘s roughly 70% of the entire U.S. population shopping at Walmart in a given year.
Walmart‘s privacy policy shows that the company harvests a staggering array of personal data points on each of those customers ^3. Walmart collects:
- Demographic info including your name, age, race, gender, and sexual orientation
- Contact details like your address, email, phone number and social media handles
- Financial data including your credit score, income, assets, and debts
- Biometric identifiers such as your facial scans, fingerprints, voice prints and DNA
- Health conditions and prescription records through Walmart pharmacies and insurance plans
- Geolocation data showing where you live, work and travel based on your phone‘s GPS
- Internet browsing history and online purchases tied to your IP address and device IDs
- Social media activity and public records scraped from sites like Facebook and LinkedIn
All totaled, Walmart collects an estimated 2.5 petabytes of data on its customers each hour ^4. That‘s equivalent to 6,750,000 hours of HD video footage. Over a full year, the data Walmart amasses on American consumers would fill over 460,000 Libraries of Congress ^5.
And these figures don‘t even include the data Walmart buys from third-party brokers to supplement its own profiles. Walmart has purchased intimate details like property records, marriage licenses, and vehicle registrations on millions of Americans from firms like Acxiom and Oracle ^6. Walmart uses this third-party info to verify shoppers‘ identities and flesh out its dossiers for more targeted marketing.
Walmart‘s Use of AI Surveillance Discriminates Against Shoppers
Not content to simply log our every purchase, Walmart has rolled out one of the most advanced and invasive in-store surveillance systems in the retail industry. Over 1,000 Walmart stores are now equipped with artificial intelligence-powered cameras that can detect individual shoppers‘ faces and track their movements through the aisles ^7.
These AI video analytics tools can determine your age, gender, ethnicity, and even your emotional state based on your facial expressions and body language ^8. Walmart feeds this real-time behavioral data into complex algorithms to make inferences about your income level, buying preferences, and creditworthiness. Low-income shoppers or those with lower credit scores may be shown higher prices or denied certain services based on Walmart‘s AI profiles.
Civil rights advocates have raised alarms that Walmart‘s reliance on racially-biased surveillance tech could lead to automated discrimination against already marginalized groups. Research shows that facial recognition systems like those used by Walmart have significantly higher error rates for women, Black people, and younger age groups ^9. In effect, Walmart‘s AI could misidentify a shopper of color as a potential criminal threat based solely on a glitchy algorithm.
In one high-profile incident, a Black man in Maryland was wrongfully arrested while shopping at Walmart after facial recognition software misidentified him as a store thief ^10. Dozens of similar cases of biased misidentifications tied to retail surveillance have been documented in recent years ^11. But Walmart has forged ahead with its deployment of biased AI systems despite their well-known risks.
Walmart Hides Its Data Sharing Deals from Shoppers
Equally concerning is Walmart‘s sprawling data brokerage that surreptitiously shares customers‘ information with a host of third parties. Walmart‘s privacy policy states that the company only shares aggregated, "de-identified" customer data with outside firms. But reporters have uncovered evidence that Walmart routinely exchanges detailed purchase records directly linked to individual shoppers with advertisers and marketing companies ^12.
In 2018, Walmart signed a deal with Microsoft and third-party ad platform The Trade Desk to allow marketers to serve targeted ads to shoppers based on their in-store purchase histories ^13. Under a similar deal, Walmart funnels its customers‘ personal data to Facebook to help the social network target users with more personalized ads.
Financial tech companies have also gained access to Walmart shoppers‘ sensitive data to power lending algorithms and debt collection models. Firms like Affirm and Afterpay buy Walmart customer data to determine shoppers‘ creditworthiness and the likelihood they will default on loans ^14. Healthcare companies have exploited loopholes to obtain Walmart pharmacy records to recruit patients for clinical trials and hike insurance premiums.
All of these backroom data deals happen without customers‘ explicit knowledge or consent. Walmart does not name any of the specific companies it shares data with in its privacy policy. The policy also misleadingly suggests that all customer data is fully anonymized before being sold, which is not always the case.
Worse still, Walmart has lobbied aggressively against new consumer privacy laws that would require it to be more transparent about its data brokering ^15. The company shelled out over $6 million to kill privacy bills in over a dozen states last year that would have given shoppers more control over their personal information ^16.
How Walmart Stacks Up to Other Retailers in the Surveillance Arms Race
Walmart is hardly alone in its surveillance overreach. Many of the company‘s biggest competitors have built their own sweeping surveillance dragnets to hoover up consumer data for profit. But even among other retail giants, the scale and sophistication of Walmart‘s spying operation puts it in a league of its own.
E-commerce behemoth Amazon closely rivals Walmart in its data collection practices. The company tracks over 100 million U.S. shoppers across its sprawling suite of websites, apps, smart home devices and AI voice assistant Alexa ^17. Amazon has compiled detailed purchase histories on consumers going back over two decades. The firm also uses facial recognition on footage from its Ring surveillance camera network to ID and profile people without consent ^18.
But Walmart still beats out Amazon in sheer volume of customer data thanks to its dominance of the U.S. grocery market and pharmacy industry ^19. By operating over 4,700 pharmacies nationwide, Walmart has access to shoppers‘ most sensitive health data that Amazon cannot match.
Another top Walmart competitor, Target, has invested heavily in in-store surveillance tech in a bid to challenge Walmart‘s brick-and-mortar tracking capabilities. Target has installed beacons throughout its stores that connect to shoppers‘ smartphones via Bluetooth to monitor their movements and push geo-targeted mobile ads ^20. Target‘s mobile app takes the snooping a step further by accessing customers‘ phone microphones to listen to background TV ads ^21.
But Target‘s 1,900 U.S. store footprint is still only about a third the size of Walmart‘s, limiting the amount of behavioral data it can collect ^22. Target also lacks the sophisticated AI video tracking systems Walmart has deployed to identify individual shoppers‘ faces.
A 2020 survey of major U.S. retailers‘ surveillance and data practices conducted by nonprofit newsroom The Markup found that Walmart leads the pack in both the breadth of customer data collected and aggressive use of AI tracking tech ^23. The report gave Walmart a "privacy grade" of just 28 out of 100 possible points.
Weak Regulations Enable Walmart‘s Spying to Go Unchecked
The main reason Walmart is able to get away with such pervasive surveillance and shady data brokering is a lack of strong federal privacy laws reining in the company‘s practices. While all states have enacted breach notification laws requiring companies to alert customers in the event of hacks, only three states have passed comprehensive consumer data privacy legislation.
The California Consumer Privacy Act (CCPA) enacted in 2020 is the nation‘s toughest privacy law to date ^24. It requires large companies like Walmart to disclose the types of data they collect on California residents and allows consumers to request their data be deleted. But the law is still rather limited in scope. Companies can still collect, retain and sell personal data by default. Consumers have to affirmatively opt out of these practices, which can be a cumbersome process. The CCPA also leaves out significant loopholes for de-identified data.
On the national level, the U.S. has yet to pass an overarching privacy law akin to the E.U.‘s General Data Protection Regulation (GDPR). Several stalled bills like the proposed Data Protection Act and Consumer Online Privacy Rights Act would restrict companies‘ collection of personal data to only what is necessary for business functions ^25. The bills would also require explicit customer consent for selling data and using it for secondary purposes like targeted ads. But these efforts have floundered amid heavy lobbying from Big Tech and retail giants like Walmart intent on preserving the data status quo.
In the absence of comprehensive privacy legislation, the Federal Trade Commission remains the main U.S. enforcer of consumers‘ data rights. But the agency is chronically understaffed and has struggled to keep up with an endless barrage of privacy scandals. To date, the FTC has not brought any significant actions against Walmart for its surveillance practices.
Fighting Back Against Big Retail Brother
Pushing for stronger privacy laws and tougher enforcement is the most effective way to curb Walmart‘s insatiable appetite for our personal data in the long run. But there are also steps shoppers can take right now to thwart some of the company‘s snooping.
First, you can limit Walmart‘s online tracking by using a VPN and ad-blocking software when visiting any of its websites. Be sure to opt out of interest-based ads in your Walmart.com account settings. Avoid using Walmart‘s mobile apps, which can siphon up your location, contacts, and other sensitive phone data. Paying in cash is still the most private way to shop at Walmart stores.
If you have to use a credit card, consider using a digital wallet app like Apple Pay that encrypts your actual card number. Wear a face mask, hat and sunglasses to throw off Walmart‘s facial recognition cameras. Don‘t connect to any in-store Wi-Fi networks, which can monitor your browsing activity. If you have a Walmart.com account, request a copy of your data and demand the company delete it under CCPA.
Support privacy-focused nonprofit groups like the Electronic Frontier Foundation working to expose corporate spying and strengthen consumer protections. Call your representatives in Congress and demand they support federal privacy legislation to rein in commercial surveillance.
Most of all, remember that your data is power. The more Walmart learns about your intimate habits and preferences, the more leverage it gains to manipulate your choices. Reclaiming your privacy is essential to preserving your autonomy in the age of Big Data. It‘s long past time we turn the tables and start watching Walmart.
