After a shopping binge at Macy's, is a mallgoer more likely to refuel at Cinnabon or Cold Stone Creamery -- or both? If the latter, will said customer then head to Brookstone to recover in a massaging chair, or will he make a beeline to the mall's first aid station? Malls and retailers had hoped to start gleaning information about shoppers' movement by discretely tracking them through their mobile devices -- but their plans are now on hold after a U.S. senator raised privacy concerns about the practice.
The value of this technology is evident: Retailers can use that data to better understand shopping patterns, which in theory means they can make improvements based on their finding to enhance the customer experience while boosting sales. Inevitably, though, it raises the question as to whether this type of system represents an invasion of privacy or a potential security risk for mobile device users. U.S. Senator Charles E. Schumer raised the privacy flag Monday after reports emerged last week about malls and retailers rolling out a tracking system from Path Intelligence, based in the United Kingdom.
Two malls -- Promenade Temecula in southern California and Short Pump Town Center in Richmond, Va. -- had announced plans to test Path Intelligence's FootPath Technology system through the end of the year, whereas Home Depot and JC Penney were reportedly considering the system as well. According to The Register, the mall owners suspended deployment of FootPath after receiving letters from Schumer over the weekend.
Schumer's specific concern stemmed from the notion of third parties discreetly using shoppers' own personal cellphones to track their movements without permission, and the New York senator went so far as to call on the Federal Trade Commission to explore how the technology fits into regulatory controls dealing with consumer privacy. Whether Schumer's specific concerns about PI's FootPath are warranted or overblown is debatable, but the emergence of this type of technology deserves closer scrutiny, and privacy advocates will no doubt watch closely to see where it all leads.
Mobile device tracking 101
First, a primer on Path Intelligence's FootPath technology: Deploying the system entails installing monitoring units around the properties. These monitoring systems, according to Path Intelligence, detect randomly generated, frequently changing signals from users' phones, specifically the TMSI, or Temporary Mobile Subscriber Identifier. The system then combines that information with a proprietary mathematical algorithm to determine a user's path.
For the system to function, customers must have their cellphones powered on -- and there is no way for users to know when or if their devices are being tracked unless they are informed by an outside source, such as a sign hanging in the mall. Schumer cited that fact as a point concern about the FootPath system: "To add insult to injury, this company says the only way to opt-out is to turn off your phone. But shoppers shouldn’t have to turn off their phones just to protect their privacy, and asking parents or children to turn off their phones when they rely on them to stay connected is simply unacceptable," he said in a statement issued Monday by his office.
Path Intelligence stresses that it does not capture any personal information about an individual user: "Our detector units do not allow us to obtain your telephone number, to listen to any of your calls, read any SMS messages read or sent by you, or to log details of any calls or SMS messages made or received by you. Neither does any of the information received allow us to identify you or any group of individuals."
The monitoring units also do not capture and store mobile device's unique identification numbers, according to Point Intelligence. "The unique ID numbers that we collect from the phones are not stored anywhere. We change (hash) them as we receive them and only store the changed number in our database, so at no time would it be possible for someone to look at our data and match it with any other data source," Point Intelligence representative Sharon Biggar told InfoWorld via email.
The PI rep clarified that the hashed ID is a completely random string, unlike the password hashes hackers swipe for pass-the-hash attacks. "The ID will not be the same the next time they enter the store. So it is not possible for us to use cellular signals to understand that the same shopper has re-entered the store," Biggar wrote.
That fact may come as a relief to privacy buffs, as unique phone IDs are of value to cyber criminals. If hackers get their hands on them, they can correlate the data with other user-specific info they've acquired, such as location, carrier, shopping and spending habits; mobile payment information; and more. In other words, a phone's identifier can be transformed into a personal identifier in the way a PC never could.
Biggar did note that PI's system does detect Bluetooth and Wi-Fi signals if a user has them enabled or set to discoverable on his or her device. "As these IDs do not change, it is possible for us to identify a repeat visitor from these signals, but this is a smaller sample of shoppers -- and there are many providers offering Bluetooth/Wi-Fi detection," she said.