Retailers are increasingly tracking the movements of shoppers inside and near their stores. Many are doing so using Wi-Fi or Bluetooth sensors that detect when cell phones in the area broadcast their unique MAC addresses.
The technology providers who are working with stores aren’t collecting personal information through this method; they’re using the data to create aggregate reports on topics like repeat traffic or time spent in checkout lines. Still, acknowledging that customers may have privacy concerns about the tactic, a group of mobile location analytics firms have taken steps to add transparency and customer choice into the equation by creating the Mobile Location Analytics Code of Conduct.
The code, which debuted in October, is a self-regulatory framework for the services that mobile location analytics firms provide to brick-and-mortar clients. It spells out rules about how data for shopper analytics can be collected and used and also establishes the right of consumers to choose not to have their mobile devices tracked.
The code was devised by a group of analytics firms that collaborated with the Future of Privacy Forum, a think tank, and U.S. Senator Charles Schumer of New York, who in July called cell phone tracking “intrusive and unsettling.” So far 11 analytics companies have agreed to follow the code’s guidelines.
“[The code] has gone a really long way in the minds of the retailer to help clarify how to responsibly use this technology to optimize the shopping experience,” says Adam Wilson, chief marketing officer of the analytics company Euclid, which participated in the code’s creation. “And I think on the part of consumers it’s gone a long way to assuaging their concerns that personally identifiable information is being collected and tracked without their knowing.”
Projects Intended to Improve the Shopping Experience
The code has emerged as an increasing number of retailers are embracing the use of data to improve the shopper experience. Greg Sterling, a senior analyst at the advisory firm Opus Research, says all the major retailers are either actively experimenting with location analytics or “sniffing around the edges.” At the same time, retailers have a “high degree of sensitivity” about the privacy aspects involved, says Sterling.
Parts of the code focuses on rules about the data itself – requiring, for instance, that companies promptly take measures like hashing a smartphone user’s MAC address to ensure the data can’t reasonably be linked to an individual. The code also states that someone must opt-in to have his or her personal information linked to a MAC address or to be contacted based on mobile location data.
Participating companies also must create policies for keeping and deleting unique device data, and if a firm shares shopper analytics data with a third party, that third party must contractually agree to use it in a way that is consistent with the code.
Other principles of the code are aimed specifically at consumer empowerment and education. For instance, the guidelines say analytics companies should give consumers the ability to stop having their mobile devices used for retail analytics.
Opting out from data collection – at least by the analytics companies that have agreed to the code – became a lot easier on Feb. 18 when the Future of Privacy Forum launched a centralized opt-out website. The platform was built for the think tank by The Wireless Registry, which is a global registry of wireless names and identifiers.
One aspect of the code that could make some retailers queasy stipulates that analytics companies should take “reasonable steps” to require that clients display signage about the use of tracking technology and explain where consumers can find more information and “exercise choice.”
Displaying that kind of signage backfired last year on Nordstrom when it was working on tests with Euclid. Some customers were troubled by the technology, according to a New York Times article that quoted a Nordstrom spokeswoman saying the retailer had heard some complaints and that its experiment had ended in part because of the comments.
Still, Euclid’s Wilson expects more retailers will abide by the new notice rules. “The code of conduct is relatively new, so it is an evolving process,” Wilson says. “Over time we will see broader adoption of these best practices and recommendations.”
For its part, Euclid is sending clients a standard notice it “strongly recommends” they post in their stores and is offering training to ensure clients are adhering to the new guidelines. Euclid can help prepare store managers
and employees for answering basic questions about what information is being collected and how it’s used, Wilson says.
“What we find is that in most cases if people are curious, once they understand a bit more about what we’re doing and discover it’s really anonymous device data and only used in aggregate and that information contains no personally identifiable data around names, addresses, phone numbers or emails, then pretty quickly they become much less concerned about what’s going on there,” Wilson says.
Nonetheless, many consumers may not yet see what they get out of the arrangement. The advantages are clearer when they log into a retailer’s in-store app and receive benefits like coupons, but that is a separate use case that requires an opt-in. When their device information is tracked to improve customer experiences, like knowing which times require more staff, the benefits are indirect and harder to grasp.
“Right now we’re at the early stages where we’re starting to collect the analytics but not a lot of companies have yet turned those analytics into actionable rewards to enhance the shopping experience for customers,” says Chris Gilpin, co-founder of Turnstyle Solutions, another analytics firm that helped develop the code. “Once that starts to happen I think [customers] will start to understand the benefits of this type of technology and hopefully embrace it more.”
A Debate Over How to Communicate About Shopper Monitoring
But Mallory Duncan, senior vice president and general counsel at the National Retail Federation, criticized the code at a recent Federal Trade Commission seminar on mobile device tracking. “On behalf of the retail industry, I have to say the overwhelming majority is not at a point where we think this code has all the elements that we think are necessary or appropriate,” Duncan said.
He offered the example of using heat-map technology to keep checkout lines short and said, “That, I would argue, is a benefit to consumers, but it’s not necessarily something that you’re going to provide notice about because it’s almost an intrinsically good management of the store operation.”
Duncan added, “To suddenly proliferate whole bunches of new signs either for this technology or for other technology that’s used to accomplish the same sort of thing strikes us as perhaps a bridge too far at this point in light of what’s actually happening.”
In response, Jim Riesenbach, chief executive officer of the retail analytics firm iInside/WirelessWERX, acknowledged the technology is constantly evolving and the code – which his company helped create – isn’t a perfect solution. “We felt there was a lot of confusion in the marketplace and this is a good first step,” he said. “Our attitude has been, ‘Let’s get as far as we can right now, let’s get something out into the marketplace that shows positive intent and positive steps and what we can do today as an industry.’”