Not long ago, two things were pretty easy: (1) Dividing the universe into cyberspace versus physical space. (2) Dividing retail space into online versus brick and mortar. Now the explosive proliferation of what radio frequency identification (RFID) pioneer Kevin Ashton first called “the Internet of Things,” has made both 1 and 2 a lot harder.
Today, 56% of American adults own smartphones. In other words, more than half of us carry around a small but powerful combination computer, wireless communicator, and tracking device equipped with an identifier (MAC—media access control—address) that is unique enough to identify you wherever you go with your phone. More than any other post-PC technology, these devices have created between cyberspace and physical space a hybrid no-man’s (or is it everyman’s?) land in which we enjoy most of the benefits of desktop computing and all of the benefits of mobile communication for the modest cost of a monthly subscription and (oh, yes) conversion from human being to data point.
In a host of retail sectors, the rise of e-commerce has transformed brick-and-mortar empires into deserts of insolvency. For a while, it seemed that e-retailers caught all the breaks, beginning with virtually (note pun) no overhead and ending with the ability to track customers with a breadth and depth impossible in the physical world.
Enter the smartphone—held by 56% of us and, even more importantly, by 78% possessing the spending money that comes with a household income of $75K+. (That’s US only; 80% of the world’s population has mobile phones, about 21% of which are smartphones.) As the New York Times recently pointed out, brick-and-mortar retailers are now muscling into cyberspace via technology that allows them to track customer movements through their stores by following WiFi signals from smartphones. (Some systems use Bluetooth or GSM as well.) B&M merchants want “to learn more about [their] customers—how many came through the doors, how many were repeat visitors—the kind of information that e-commerce sites like Amazon have in spades.”
The NYT article focuses on Nordstrom, which, in an abundance of transparency rare among fellow retailers, posted signs telling customers it was tracking them. The system Nordstrom used combined video surveillance with the pings smartphones broadcast in search of WiFi. This allowed marketers to track customers throughout the retail space, creating a digitized picture of “in-store shoppers’ behavior and moods . . . to learn information as varied as their sex, how many minutes they spend in the candy aisle and how long they look at merchandise before buying it.” Unless a user deliberately turns off WiFi, the phone will ping incessantly, broadcasting its unique MAC regardless of whether the user joins the store’s “free” WiFi network or not.
Nordstrom was rewarded for its transparency by what a spokeswoman characterized as “some complaints” from customers, and the retailer ended its “experiment” in May. Online behavioral advertising (OBA) has caused some consumer disquiet and has created considerable friction between US and EU approaches to online privacy. Microsoft’s decision to set Do Not Track (DNT) as the default when it released its IE 10 browser last year ignited industry protest, but has been embraced by users.
If anything, consumers find tracking even more objectionable in the B&M environment. “Creepy” is the operative word. Are the objections justified? Retailers claim that surveillance and analysis helps them improve service and offerings. Most insist that they are interested in shopping patterns not in invading individual privacy. Euclid Analytics, a leading producer of smartphone-based retail data systems, emphasizes its “one-way hashing algorithm” and other features aimed at keeping harvested data secure. It also describes smartphone WiFi pings as “anonymous”—which is true in that a user’s name is not broadcast, but also misleading, because the MAC, unique enough and ultimately identified with the owner of the phone, is transmitted as well as recorded. Moreover, some retailers study more than general patterns. They use facial recognition technology to identify gender and differentiate children from adults. Some use MAC information to identify repeat customers, determining (for example) average times between store visits. Some analyze facial cues to determine mood, interest, and satisfaction. The Nomi Measure platform sometimes combines WiFi tracking with personal information a shopper volunteers (by downloading a store-branded app or providing an email address) to create an individual profile. This may consist of the number of visits to the store, purchase history, and products purchased. It may even tie in with data tracked from the customer’s online browsing.
In 2012, AVG was the first security company to offer DNT tools to alert Internet users to tracking and to give them control over it. The new technology of tracking via mobile devices in retail settings will require new user tools. In the meantime, before you surrender your flesh and blood to bits and bytes, understand that you have choices. You can opt out. Assume you’re being tracked, and simply turn off your smartphone’s WiFi while you shop. Or you can cash in. Placed is an example of the emerging breed of consumer behavior trackers that pay subjects for a piece of their privacy. It offers an app that not only uses both WiFi and GPS to track shoppers, but actually asks them where they are in a store. App users also volunteer such information as age, gender, and income. In return, they receive prepaid gift cards and even cash.
Opt out or get paid. The point is to take control. Do what the merchants do: Put a value on your personal data.