store-tracking

At a Federal Trade Commission panel Wednesday morning to discuss issues around mobile device tracking, Vice President of the National Retail Federation Mallory Duncan said something both totally dismissive of privacy concerns and potentially incendiary to privacy hawks, while cutting to the heart of mounting concerns on both sides.

“You can easily replace the word ‘tracking’ with the word ‘observing,’” he said. It’s a subjective, but important differentiation. To Duncan and the stores he represents we’re not being spied on maliciously, merely watched over kindly.

It’s a debate we should all care about. We’re getting surveilled/observed from the moment we leave the house. Four billion hours of closed circuit TV footage is shot each week. This week, Newark airport officials in New Jersey and Philips in Germany both announced that they have installed new light bulbs that can track our movements and in-store sensors that communicate electronically to shoppers are becoming ever more prevalent. Next year, the surveillance industry could be worth $37.5 billion. Google knows where you live, where you work, who you email and how you commute. Depending on your angle, this is all either a corporate quest to annihilate our privacy, or simply businesses trying to get a sense of who we are and help us have better life experiences.

On Duncan’s side is clear evidence that, as a whole, we don’t seem very concerned about it. It’s a quid pro quo. We’re happy to give up a little privacy if we feel like we’re getting something in return.

It’s not like we don’t expect that we’ll be watched. We just don’t want to know it, and we want to assume that companies will be responsible with the data they collect. (Whether they are is another story.) At the panel, Ilana Westerman, Chief Executive Officer of digital strategy consultancy Create with Context, presented findings from a survey of 4624 shoppers nationwide, which showed that we trust companies to observe us benevolently. Ninety-seven percent of respondents would give up one piece of data about themselves if it saved them money, 75 percent would hand over their location and 30 percent their reading habits if it made sense. Nearly a fifth of survey respondents would give up sensitive financial information about themselves for a chance at half off a car or an HDTV.

You see? We’re complicit in this massive data grab.

And the mobile device is perhaps the greatest tracking device of all time. Whether we know or not, or just choose not to think about it, Verizon, AT&T and the rest can pinpoint our location any time the phone is on and tuned into the network and it’s not as anonymous as we’d like to think it is.

Don’t fret, says James Riesenbach, CEO of iInside, who said that all information is unidentifiable to a specific device and used in aggregate. We’re being observed, but the information can’t be tied to us individually and companies only care about averages. Except, of course, when a government lawyer issues a subpoena. Meanwhile, Ashkan Soltani, an independent security and privacy contractor, countered that hacker services can decode in less than 40 minutes the hashing techniques that supposedly make our phones anonymous. In other words, with some bad intent, the power of observation can very much be used against us.

Soltani’s presentation was a somber reminder to us of just how “observed” we are: our phones communicating with GPS satellites, wireless carriers and location providers like Google and our apps talking to third party websites and mobile advertisers. For instance, Pandora’s mobile app communicates with eight trackers when it is in operation, Soltani said. It sends location data to seven of them, unique phone IDs to three and demographic information to two. He pointed to an example from Euclid, a self proclaimed “Google Analytics for the physical world,” which admit in company materials that with the proper legal permissions, law enforcement could work with the company to figure out if a particular phone had passed by one of its in store sensors.

We’re being observed, but Duncan’s comment tells us to take it on good faith that these powers will be used for good. It cuts to the heart of the debate between privacy and anonymity. I have a right to privacy in my home, but if I’m out in public through one measure or another, I’m trackable. The situation seems to have got past a point where a universal symbol to acknowledge data collection in action or recent mass opt out and mobile codes of conduct initiatives will make a lick of difference.

Between Google, our phones, third-party marketers, the pervasiveness of surveillance and the NSA we’re never off the grid. But if I’m anonymous, if people know where I am but not who I am and the intent is good, on a practical level I’m not sure what I’ve lost. I’m still more or less, left alone. Of course, the technology leaves us one bad board change short of a dystopia, but that’s a hypothetical problem of tomorrow.

It’s a modern update of an old maxim: if you walk through a store and it leaves data on a server somewhere but has no discernible impact on your life, do you care?

[illustration by Brad Jonas for Pando]