Inside Timeshare has received an email from Greg Crist, CEO of the NTOA in response to Edwards article yesterday on Owners Data. In his email Greg addresses the fact the developers community has been battling the issue of the the breach of owners records for decades. In his opening he states:
“I think the developer community has been dealing with “owner records data breach issue” for decades. Those lists of owners have been stolen…sold and resold many times over and it continues to happen at present day. (***Get a quote from the Orlando Florida PD – timeshare resale task force…and they will tell you that people are making more money selling lists of owner records than actually selling timeshare or resale***)”.
When you consider the last part, that people can make more money from selling these lists than selling timeshare or resale, it goes to show how valuable this information is. It is not just timeshare that has suffered, in the UK there was a proliferation of calls regarding PPI (Payment Protection Insurance), again where did this information come from? Was it stolen by ex-employees or sold by the companies themselves?
There is also another form of compiling these lists which does not involve theft, that is the landing page on the web. When searching the internet for say a resale company, you will quite often find a website which offers the service, on many there are no company details, they direct you to a form which you then fill in. It will ask for your contact information, what timeshare you own, the maintenance fees etc. This information is then sold to resale companies for quite substantial amounts per lead. There is nothing wrong in this, you have initiated the search and voluntarily given the information.
Another area which has resulted in personal information being sold is one that many have fallen foul of. When taking out a loan or even applying for a store rewards card, such as Tesco Club Card, how many people did not tick the box, this box was the opt out for your information being passed on to third parties, which may have or provide goods and services which may be of interest to you. Whether it has been changed we don’t know, but many declared that it should be an “opt in” not an “opt out”, quite simply the box was so small most never even noticed it.
The two examples above are not illegal, what is illegal is for employees or ex-employees to steal and then sell this information. In the world of timeshare, especially in Europe, many sales staff in the past were on commission only, in many cases some of the sales companies did all they could to withhold commissions. It was not uncommon for a client to “cancel” then the salesperson did not get paid, when in reality the client completed. This practise was instrumental in staff “stealing” the data, many even kept their own records for future use, a kind of unemployment insurance policy.
Wyndham according to Greg has gone after former employees:
“Wyndham has actually pursued former employees who either acquired the data illegally or purchased it from an insider to use for the thief’s own ill-gotten gains”.
As mentioned in yesterday’s article, Diamond has also informed their members of a claims company set up by ex-employees, who they say are using “stolen” client lists. They then contact the owners with a view to claiming compensation for misselling.
This is a problem and one can understand the industry in their view that legislation preventing owners groups such as HOA or Owners Committees from accessing this information, will protect them. But the question is who stole the information, was it the owners or the employees?
Will this legislation stop the theft of these lists by employees? Somehow we think not.
As highlighted in Edwards article, the Spanish Data Protection Agency even stated the information belonged to the owners, the resorts or management company were just “Custodians”. The Community of Owners are the true owner and controller. Yet we see them being denied access using data protection and protecting them from abuse as an excuse.
Is this just another example of a huge divide between the industry and owners?
In the end the developers need to work with owners if the industry is to survive, they need to listen and take note of the concerns of the people who in effect pay their wages and keep them in business. Without some level of cooperation there is no hope, both sides will be at loggerheads and who in the end will be the losers?