In the EU they have the GDPR laws. I'm a developer, and I wrote the system my company uses to ensure we comply with the GDPR regulations.
I also wrote my companies equivalent of google analytics, and other systems related to the topic at hand. I have to tell you, you are off base on a few things. Reputable companies do not share or sell customer information. They use it internally for their own sales and marketing purposes. I know this from first hand knowledge of being forced to sit through meetings as the "technical guy" who can answer questions.
Keeping track of all your purchases has benefits for you as well.
- If its an in store purchase and you need to return it for some reason you have proof of purchase even if you no longer have the receit.
- If you purchased an electronics devise some companies will send you an email to let you know that a software or firmware updates are available for it.
- Some companies will send you an email when an item has been recalled by the manufacture.
- etc
Scanning your licence for certain drug purchases isn't something they are doing to get your data. The federal and local governments have laws and regulations in place to track the purchase of certain drugs, because they can be used to make illegal drugs. For example products that contain pseudoephedrine can be used to make meth.
Nope, nope and nope.
The purchases I'm talking about scanning the driver's license for are not the government controlled ones that require record keeping. I'm well aware of the pseudoephedrine requirements and don't blame the stores for that. The only requirement that the items I'm talking about have are a minimum age for purchase. For those items they just need to look at the ID.
Being able to process a return based on the credit card used is handy. Linking that to my name, address and phone number without my consent is not.
And, sure, every company out there is going to go "This place wants to pay us a lot of money for the information on our shoppers but we don't want to share that" I guess Money magazine is off with "That’s because it has become common practice for many retailers to store, collate, and sell the information of millions of customers for a profit. "
https://money.com/how-retailers-track-you/
And the BBC "Although stores will often not pass loyalty scheme data to other parties, they may share customers' information with companies within the same group, which can be global.
Some companies may also share the information with their retail partners, who can use it to target their advertising.
Nectar, for example, can share data with at least 49 companies including Argos and Easyjet, according to consumer group Which?"
https://www.bbc.com/news/technology-43483426
Which is all fine and dandy, IF I opt-in but I did not.
And no company has ever done things beyond what we see in the press to screw us over. And Target, the same one that wants to scan my driver's licence if I buy a bottle of wine, didn't spend nearly two weeks with a huge hole in their data security all the while ignoring alerts that there was a problem. Sure, I want them to have more of my personal information.