The New Mobile Privacy Debate: Navigating Between Discipline And “Icky”

Written by Evan Schuman
November 2nd, 2011

Envision an in-store system that addresses every customer by name and points out to the customer—out loud, in earshot of other customers—prior purchases, including highly sensitive products. The system would know the customer’s address, relatives, neighbors and friends, and might even mention embarrassing incidents involving the customer as a child. The name of this invasive system is “the friendly shopkeeper,” and almost every corner pharmacy, grocery and hardware store had one back in the 1950s and 1960s—back when we like to think customers were very privacy conscious.

Conventional wisdom is that consumer resistance to invasive marketing consistently softens over time with each new retail tech innovation. But the friendly shopkeeper demonstrates that’s not a linear trend. And there’s a school of thought that says mobile technology may break that trend, too. The potential invasiveness of mobile payments is so intense that customers might rebel and resist all privacy-infringing efforts even more—making mobile dangerously likely to blow up in retailers’ faces.

The problem isn’t just privacy. Those store owners from yesteryear proved that consumers don’t seem to object when a person knows all about them. But there’s something about personal information being transmitted by computer that changes a consumer’s sense of being violated. The very nature of a mobile device has the potential to trigger privacy problems in 50 different ways even before payments—with 24-hour geolocation tracking, records of everything you’ve searched for and even the ability to turn a private call into a public event with a speaker switch.

Once we acknowledge that it’s not the information that is deemed private but how that information is used and—most critically—shared that is at issue, it’s easier to see how mobile could set up retail for privacy blowups.

Sharon Biggar is CEO of Path Intelligence, which is the company behind a series of mobile data gathering tests in major shopping malls, including this one in Australia.

Biggar wonders if payments will indeed make consumers more sensitive to perceived privacy invasions. “Purely for the security implications, once you start making payments, you’ll be a little more hesitant,” she said.

In other words, once live banking and credit-card information goes into the virtual wallet—and PayPal, Google and others are encouraging consumers to pour everything they can into these virtual wallets—there’s much more trust that will be involved. The greater the trust, the easier it will be to violate that trust.

But Biggar offers an interesting perspective from her mall tracking efforts. Her company’s efforts track consumers via their mobile signals as they walk through the mall. And Biggar argues that such tracking shouldn’t feel new to consumers, because it’s little more than what they have experienced for years on Web sites.

“This works in the exact same way” as Web analytics, where “they might be following your dynamic IP address. We’re just passively observing every time that phone connects to the network. It works entirely in the background.”

One very interesting part about Biggar’s mobile mall efforts is the issue of customer approval. Thus far, the company has concluded that, legally, it doesn’t need signoff and it doesn’t seek it.

Given that we already know privacy is a purely emotional interaction, the issue of signoff is crucial. The very act of seeking such signoff could signal to the consumer, “Hey! This is probably something dangerous or we wouldn’t be asking for your permission. This is a heads-up that your privacy is about to be invaded. Be worried.”

If consumers don’t know they are being tracked, it’s hard for them to get upset about it.


Comments are closed.


StorefrontBacktalk delivers the latest retail technology news & analysis. Join more than 60,000 retail IT leaders who subscribe to our free weekly email. Sign up today!

Most Recent Comments

Why Did Gonzales Hackers Like European Cards So Much Better?

I am still unclear about the core point here-- why higher value of European cards. Supply and demand, yes, makes sense. But the fact that the cards were chip and pin (EMV) should make them less valuable because that demonstrably reduces the ability to use them fraudulently. Did the author mean that the chip and pin cards could be used in a country where EMV is not implemented--the US--and this mis-match make it easier to us them since the issuing banks may not have as robust anti-fraud controls as non-EMV banks because they assumed EMV would do the fraud prevention for them Read more...
Two possible reasons that I can think of and have seen in the past - 1) Cards issued by European banks when used online cross border don't usually support AVS checks. So, when a European card is used with a billing address that's in the US, an ecom merchant wouldn't necessarily know that the shipping zip code doesn't match the billing code. 2) Also, in offline chip countries the card determines whether or not a transaction is approved, not the issuer. In my experience, European issuers haven't developed the same checks on authorization requests as US issuers. So, these cards might be more valuable because they are more likely to get approved. Read more...
A smart card slot in terminals doesn't mean there is a reader or that the reader is activated. Then, activated reader or not, the U.S. processors don't have apps certified or ready to load into those terminals to accept and process smart card transactions just yet. Don't get your card(t) before the terminal (horse). Read more...
The marketplace does speak. More fraud capacity translates to higher value for the stolen data. Because nearly 100% of all US transactions are authorized online in real time, we have less fraud regardless of whether the card is Magstripe only or chip and PIn. Hence, $10 prices for US cards vs $25 for the European counterparts. Read more...
@David True. The European cards have both an EMV chip AND a mag stripe. Europeans may generally use the chip for their transactions, but the insecure stripe remains vulnerable to skimming, whether it be from a false front on an ATM or a dishonest waiter with a handheld skimmer. If their stripe is skimmed, the track data can still be cloned and used fraudulently in the United States. If European banks only detect fraud from 9-5 GMT, that might explain why American criminals prefer them over American bank issued cards, who have fraud detection in place 24x7. Read more...

Our apologies. Due to legal and security copyright issues, we can't facilitate the printing of Premium Content. If you absolutely need a hard copy, please contact customer service.