Sears Privacy/Security Double Whammy.

After the resolution of some aspects of the TJX matter in 2007, it looks like another huge retailer has stepped on the privacy/security porcupine for 2008.Privacy: Sears is suffering some bad press for allegedly placing "spyware" on its customer's computers that allows Sears (and Kmart) to track their Internet usage, including websites visited, searches engaged in and the headings of emails (click here for story) Security: In addition, Sears has been sued in a $5 million class action for an alleged security breach related to its website. Apparently, the website allowed any user to type in a customer's name, addresss and phone number (or some combination thereof) and get a complete history of that customer's purchasing history at Sears (click here for story) So, question to my readers, in the ever-increasing world of e-commerce, how much tracking of customer behavior/Internet usage is too much? And when should it be permissible (if ever) to engage in the type of activity Sears was engaged in? P.S. Copy of the complaint can be found here.