He was even more critical of users of social networks like Swipely, designed for friends to share their purchase history. "Why would you put your shopping history on (things like that)?" he said. "You deserve every bit of screwing that you get."
Still, consumers have a sense -- logical or not -- that they have some control over the voluntary sharing they do, while they have little or none over a retailer tracking their movements in a store.
The tracking is possible because of the MAC (Media Access Control) address that all Wi-Fi or Bluetooth-enabled devices have -- a unique, 12-digit code to help routers send data to the right recipient. When a Wi-Fi card is on, looking for networks to join, it is detectable by local routers, such as those in a retail establishment.
Through that, the company can learn how long people stand in line at a cash register, what aisles they visit and for how long, what promotions are more effective, who visits their stores more than once, what spot in the store draws the most people, and much more.
This information is logged and uploaded to third-party companies that conduct data analytics. According to Jules Polonetsky, executive director of the Washington, D.C.-based think tank Future of Privacy Forum (FPF), nine firms have most of the market for analyzing tracking data, but there are 40 or more in the field.
The obvious goal of all this is, on its face, rather benign. "They want to sell you stuff," said Rambam. But privacy advocates say it can and does go well beyond that.
"This tracking is happening generally without people knowing, and it doesn't even leave cookies or make connections that you can monitor," said Parker Higgins, an activist with the Electronic Frontier Foundation (EFF).
"It also ignores that different norms govern what's reasonable in different environments. Your doctor can ask questions that would seem much more invasive asked by your mechanic," he said.
They also contend it is not as benign as simply providing consumers with more relevant ads. "Threats to our privacy aren't isolated -- they work together," Higgins said. "A tracking device that catches you walking regularly past the door of a store next to a medical clinic may reveal a lot more than intended."
Rebecca Herold, CEO of The Privacy Professor, said that kind of tracking, especially after it is in the hands of third-party firms, "no doubt will be used by many other entities to prove a person was located at a certain place at a certain time, along with what they were looking at. 'Gee, look! Father O'Malley spent 15 minutes reading Hustler magazine right after church! He's a pervert!'" she said is one possible scenario.
"But you may be implying something that is not the case in real life," she said. "Big data analytics will be used to reveal a huge amount of perceived activities by individuals, but it will not always be correct."
Presumably, smartphone users could defeat the tracking simply by disabling the Wi-Fi when they are shopping. But Higgins and Herold both contend that the burden should not be on users. "Privacy conscious users shouldn't have to turn off basic features just to avoid excessive tracking," Higgins said.
And Herold said according to some reports, smartphones may be trackable even when they are turned off.
There are some organized efforts being made to give control over tracking back to mobile device users. The FPF and The Wireless Registry are reportedly working to build what would amount to a Do Not Call registry for MAC addresses. It would let device owners visit a website, enter a MAC address, and be assured that tracking companies that have committed to the project will no longer track them.