On Wednesday, February 19, the FTC hosted the first event of its Spring Privacy Series on emerging consumer privacy issues, focusing on mobile device tracking, specifically as it is used to track consumer’s’ movements throughout and around retail stores.
After a mobile location tracking demonstration by FTC Chief Technologist Latanya Sweeney, Ashkan Soltani provided an overview of the technology. A panel discussion followed, including representatives from The National Retail Federation (NRF), Electronic Frontier Foundation (EFF), analytics companies iInside and Mexia Interactive, and design firm Create with Context.
According to panelists, retailers and other users of mobile location tracking technology are strongly incented to maintain consumer trust because consumer loyalty is on the line. The way to consumer trust is transparency – transparency about what data are being collected, what’s being done with the data, etc. Enabling transparency, however, is challenging because it is difficult to capture consumer awareness. There are three different ways to enable awareness: explicit, implicit and ambient. Studies have shown that explicit awareness, or signage, is ineffective. Consumers do not notice signs when they enter a retail establishment. And including signage on a mobile device is a limited communication tool because although 84% of shoppers use smartphones in a store, only 11% have it visible at any given time. The reason? Their hands are busy; holding a device while shopping is not practical. Also, the amount of detail that explicit signage is attempting to communicate poses a challenge. Including information on what is being collected, how it is being used, giving an opt out option and conveying consumer benefits is a substantial amount of print for a consumer to read and process while she is trying to get in a store, find items, and get out.
Implicit awareness arises when a consumers understand that information is being collected about them because they are receiving a benefit or service that directly leverages that information. For example, when a user accesses Google maps to get directions, she understands that the map application is collecting her location information. The more a user receives a benefit from the tracking functionality and can intuit that information is being collected to provide that benefit, the higher the level of implicit awareness. Finally, ambient awareness arises from input on the periphery; it’s not directly a part of the consumer’s experience but she may be aware of it. An example of ambient awareness is the handicapped sign; people see it and immediately understand the message it communicates. At the same time, it’s not front-and-center like explicit awareness. Designers are working on creating a universal “My Data” icon that would immediately communicate to consumers that their data is being collected. To date, over 300 iterations have been tested and the icon is still in development. Using the three types of awareness together is a long term goal that would strengthen transparency.
Panelists were clear that the use of mobile location tracking technology is limited to collecting information in the aggregate and looking for trends, not profiling individuals. This, coupled with the fact that the information being collected is hashed MAC addresses, not actual MAC addresses or consumer’s individual names, should increase consumer confidence. There was debate among panel participants about whether the collection of information should be limited at the outset, or whether full collection should take place but with strong governance controls in place, such as not sharing data across multiple clients. Participants also addressed the fact that location data can be the most sensitive type of data of all, as it provides for multiple inferences regarding habits and associations, and thus yields the most insights.
The panel concluded with the NRF restating that retailers are using information collected only in aggregate, are doing the best they can, and are providing choice to consumers so they can opt out across the industry (Future of Privacy Forum Mobile Analytics Opt Out (Beta)); EFF calling for a change to the underlying technology so devices don’t have unique identifiers; a call for good design to enable transparency and trust; and strong governance to protect the data being collected.
For more information about governance around mobile device location tracking, read about the Future of Privacy Forum Mobile Analytics Code of Conduct in Emily Tabatabai’s Secure Times blog on the topic, as well as view the the actual Code.