Kickstarter.com Hacked, Why Should Retailers Care
Portions of this piece were originally published on Forbes.com, but it seemed important to re-iterate it here.
It’s starting to seem like consumers are getting hack notifications almost as often as the Northeast has been getting snowstorms this year. Last Sunday, I found myself the recipient of yet another notification – this one from kickstarter.com. These apologetic “Oops, your data was stolen” letters are getting really tiresome.
You might wonder why I’m writing about the kickstarter.com hack in RSR’s newsletter. Well, just like consumers don’t think about retail in terms of ‘channels’ even though retailers are fixated on “omni-channel” everything, they also don’t think about the fine points of the difference between fund raisers like Kickstarter.com and retailers selling actual merchandise like Target. All they think of is “These people are collecting information about me and my bank accounts and are doing an awful job keeping it safe.”
In fact, a friend (and a very bright woman) who knows I’m involved with retailers wrote the following on my Facebook page after receiving her Kickstarter letter, “Hey, can you prevail upon the retail powers that be to stop asking for so much personal information. They can’t possibly still think they can keep people’s data safe.” We may cry “No fair”…but consumers just don’t care.
I got similar comments to the post I made on Forbes about Target’s data breach. People who had never even shopped at Target, or who hadn’t shopped there in close to a decade got “the letter” from Target. I was one of them. As I tried to rationalize out my own letter, I thought “Well, perhaps I bought something online from them a long time ago.” But I never became a member of their site, and I never expected they’d store my information for that many years. A couple of commenters were quite indignant, being taken completely by surprise at the fact that their data was stored at all. (Note: Retailers and others have to keep your information for a little while in case you want to return the merchandise or otherwise dispute the transaction. But how long should “a little while” be?)
Later, a fellow retail watcher suggested to me that I might never have shopped on Target’s site at all. They might have bought my name from another retailer and then filled in the blanks with information from a company like Acxiom.
Our personal data is available from Acxiom and others to anyone who’d like to buy it for legitimate reasons. And that’s the problem in a nutshell. Consumers realize their personal data can be bought, sold and stolen, and they might have nothing to do with it at all. Did Target buy my data from Acxiom? I have no idea. I buy enough stuff on-line that it’s not impossible that I bought something from Target.com a few years ago. And then they went to Acxiom to fill in the blanks.
I think it’s time we called for more transparency. Acxiom made a great start with its site aboutthedata.com. But why can’t we resolve to change a few things ourselves:
- Let consumers know what data is being saved and how long it is being saved. It wouldn’t hurt to explain why we’re saving it as well.
- Create a consortium between banks, credit card processors, terrestrial retailers and on-line merchants whose sole job it is to create standards around the creation, retention, safety and security of that data.
- Recognize that NO standard, regardless of how seemingly rigorous, is guaranteed to protect data in an ever-changing world.
- Use the consortium I described above (Information Sharing and Analysis Centers or ISACs) to work together to evolve and enhance security standards on an ongoing basis. Retail watcher Cathy Hotka has been beating this drum for years. Consider me officially joined to her cause.
We’ve wandered into a new world that demands these kinds of standards. Sometime in the next eight to ten weeks, spring will come and the snowstorms will stop. You can take that to the bank. I wish I could say the same about “the letters.” I fear I’ll keep getting them until the payment ecosystem itself starts working together to change its ways. Guys, it’s time.