Companies have good reasons to collect data about their customers. Most companies want to build long-term relationships with their customers, and so will not use these data in a way that upsets the customer. However, this "good faith" constraint no longer applies when the company is not conducting business as usual. If a company goes out of business, its customer data is an asset that could be sold, and is likely to land in the hands of someone who will use it in ways that the customers never intended. To prevent this scenario, customers should ask each company they do business with to take the data destruction pledge:
Any data we collect about you will be destroyed if our company enters bankruptcy proceedings.
You think this could not happen?? Check out Borders, ConnectedU, Radioshack, XY Magazine. All of these companies had subscriber/client information, and in all of these cases creditors tried to sell that information to the highest bidder. The courts are in the picture: there is the Ombudsman Act of 2005, which requires a disinterested ombudsman to make sure personally identifiable customer information is dealt with fairly. But the ombudsman is expected to give great weight to what privacy expectations the customers have, based on the published privacy policies of companies. Companies should focus on maximizing their loyal customer base rather than on wording privacy policies to maximize value of customer data in bankruptcy.