[LINK] RFI: 'Footpath' Customer Phone Tracking
Roger.Clarke at xamax.com.au
Fri Oct 14 09:00:09 AEDT 2011
A UK company is hawking a customer surveillance service that claims
to detect an anonymous, randomly generated, frequently changing
signal from mobile phones.
There's a media flurry today.
Extracts from the company's web-page are below.
Can the Link Institute offer 'sanity-check' guidance on this?
Much appreciated! ... Roger
At 8:42 +1100 14/10/11, Katina Michael wrote:
>Interesting- the claim is that the number is not even revealed... so
>random number associated to the cell phone.
"FootPath works by detecting a randomly generated, frequently
changing signal from your mobile phone. This random signal is
detected by a number of our units within the premises. We combine the
information detected from the mobile phone signal with a proprietary
mathematical algorithm developed by us. This allows us to determine
your path through premises equipped with our receiver units".
[Randomly generated and frequently changing, eh? But it seems to be
either not all that frequent, or so frequent that the new number can
be linked to the old one on the basis of the location in physical
space of the old signal and the new one.]
"FootPath detects only a regularly changing, random number which
contains no personal information. As we do not access this
information in real time, or divulge this information to any third
parties, it is not practicably possible for you to be identified by
the operation of FootPath.
We have consulted with various privacy groups and the Office of the
Information Commissioner to ensure that our operating procedures
protect your privacy. In particular we ensure that your privacy is
protected by the following means:
* Security - our detector units are secure and are accessible only
by our highly trained personnel. Staff at shopping centres do not
have access to our detector units. This ensures that information
detected by our units cannot be combined with other information from
other systems that may allow you to be identified (for example, a
CCTV camera in a shopping centre).
* Aggregation - Aggregated data is collected from our detector
units and sent off to our offices the evening following the day in
which the data was collected. Accordingly, it is not possible to
match your individual movements with the aggregated data collected by
the detector units. By way of example, we may inform a client that
500 people that visited John Lewis also went on to visit Marks and
Spencer on a particular day.
* Anonymised data - The analysis of the path information obtained
by FootPath is provided to each client in anonymised, aggregated
form only. It is therefore impossible for a client to identify you by
linking the contents of our analysis with, for example, images from
their CCTV system.
* Commitment to privacy - as a voluntary 'fail-safe' mechanism, we
have also agreed, as a company, not to access any information that
would allow us, or a third party to link any path information with
any other data or information that would allow you to be identified."
>Shopping centres' Big Brother plan to track customers via their phones
>By Karen Collier, consumer reporter
>HeraldSun, 14 October 2011
>SHOPPING centres will monitor customers' mobile phones to track how
>often they visit, which stores they like and how long they stay.
>The technology, brought to Australia by a UK-based company, has
>prompted a call for an investigation by privacy or telephone
>One shopping centre is due next month to become the first in the
>nation to fit receivers that detect unique mobile phone radio
>frequency codes to pinpoint location within 1-2m.
>The company behind the Footpath system says it is also having
>discussions with major Melbourne sites.
>Path Intelligence national sales manager Kerry Baddeley stressed that
>no mobile phone user names or numbers could be accessed.
>``All we do is log the movement of a phone around an area and
>aggregate this to provide trend data for businesses. It's much less
>intrusive or invasive than existing people-counting methods, for
>instance CCTV cameras,'' Ms Baddeley said.
>Australian Privacy Foundation chairman Dr Roger Clarke said emerging
>retail tracking techniques were ``seriously creepy'' and should be
>thoroughly investigated. Prominent signs should notify and seek
>consent from customers, he said. The Herald Sun this week reported
>that some shops were already using separate image monitoring to log
>the direction customers walk, how long they stop in front of
>products, or if they are male or female.
>Federal Privacy Commissioner Timothy Pilgrim said the Privacy Act
>applied only if collected information identified individuals. He
>encouraged organisations to be open with customers.
>Ms Baddeley said that mobile phone monitoring, which was already
>operating in the UK and the US, would help the struggling retail
>sector develop marketing campaigns and identify the best mix of
>outlets in big shopping centres. She said the small receivers
>attached to walls picked up Temporary Mobile Subscriber Identity
>Data was then fed to computer servers to create weekly reports
>outlining popular customer routes and their length of stay.
>The debut Australian shopping centre planned a public announcement
>once the system was running.
>collierk at heraldsun.com.au
Roger Clarke http://www.rogerclarke.com/
Xamax Consultancy Pty Ltd 78 Sidaway St, Chapman ACT 2611 AUSTRALIA
Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au http://www.xamax.com.au/
Visiting Professor in the Cyberspace Law & Policy Centre Uni of NSW
Visiting Professor in Computer Science Australian National University
More information about the Link