This is a busy shopping period in North America, where “Black Friday” and “Cyber Monday” sales are becoming more popular each year. While the challenges with online shopping are well-known, what caught my eye this holiday season was the new tactic of retailers targeting shoppers and—in the opinion of some—infringing on their privacy under the guise of personalizing the shopping experience. This year, I became aware that some retailers are using security cameras and\or smartphone Wi-Fi signals to obtain information about their customers’ behavior within their stores.
This week, I tested this out by visiting a local department store. While noticing the extensive number of cameras (which I thought were for inventory management), my smartphone immediately identified an available Wi-Fi network. I quickly connected with the network and looked for a legal agreement for its use.
I was amazed there was none.
As my email was streamed, I pondered the combined use of digital recognition and Wi-Fi, enabling the store to track my movements for purposes of inventory, fine-tuned staffing levels and better product placement. I also thought about correlating my image and behaviors. As I moved to the register, the store could then readily correlate my buying behaviors and, subsequently, easily recall my patterns the next time I shopped there. The store could recognize me, correlate my shopping patterns and personalize real-time offers directly to me via my Wi-Fi connection—all of this without my approval. (Imagine if I had a store credit card and how much more they could correlate and receive.)
This is not a forecast of the future—it is happening now! Businesses can subscribe to Facedeals, a new facial-recognition marketing app, and use their camera systems to scan people's faces and match them to their tagged photos on Facebook. Following recognition, customers can then receive customized coupon codes and offers based on the "likes" they’ve made on Facebook.
Personally, I believe that these uses of technology blur the line between offering me a great deal and invading my privacy; but, in retrospect, it is no different than online shopping and the level of information correlated by that behavior.
And companies can take these technologies further. It is one thing for a retailer to have a general idea of how many people are in their store and how consumers interact with their items and staff, but imagine if the retailer can identify you individually and tailor pricing and service based on your in-store behavior and financial history.
I don’t believe retailers are leveraging these technologies now, but they could and there is nothing illegal about it. I suspect this will soon become “business as usual.”
As a tech junkie, I applaud the use of technology to improve my life experience, but I do not condone infringing on my privacy without my permission.
Want more? Below are some tips provided by ISACA to help you protect your privacy this holiday season.
Five tips to best protect yourself when shopping:
- Provide the minimum amount of personal information and be an active governor of your own information.
- Regularly review credit card statements and credit reports to ensure that personal information has not been compromised or misused.
- When shopping online, be sure that the vendor’s URL is protected with secure sockets layer (SSL) before entering credit card information. Look for https and a padlock symbol.
- Understand what information is being collected and how it will be used. Read privacy policies.
- Shop at home with a secure connection and take care when making purchases online using a public Wi-Fi connection.
Enjoy your shopping experience this holiday season!
Robert Stroud, CGEIT, CRISC
Vice President, CA Technologies
We welcome your comments! Please log in using the Sign In link at the top right of this page and then leave your comment in the box at the end of the post. To view all blog posts, please click on the ISACA Now link in the blue box on the left.