‘Code of conduct’ for tracking consumer movement at retail stores released with industry support

23 Oct, 2013 01:58 / Updated 11 years ago

Sen. Chuck Schumer has released a “code of conduct” that aims to guide how analytics companies use consumer data collected during retail store activity. Yet the voluntary, non-legally-binding code was developed with a group cosy with the telecom industry.

Sen. Schumer (D-NY), the Future of Privacy Forum and a group of major retail analytics companies announced the code Tuesday “to promote consumer privacy and responsible data use for retail location analytics.”

The companies that have signed off on the code include Euclid, iInside, Mexia Interactive, SOLOMO, Radius Networks, Brickstream and Turnstyle Solutions - all top firms developing ways to track consumer movement and data for major retail chains and advertisers, The Verge reported.

“The code of conduct includes in-store posted signs that alert shoppers that tracking technology is being used, and instructions for how to opt out,” the parties said in a press release on the announcement. The code calls for "clear, short, and standardized" notices for customers squeamish about the tracking.

The code of conduct also claims companies joining the effort are urged to work with other analytics-tracking operations on a single website where consumers can opt-out of applications companies use to pick up data through their smartphones.

Yet the code is not legally binding, “meaning companies can choose to disobey or skirt it any time, without any real repercussions for their business, other than bad PR,” Verge writes.

In addition, the code allows for analytics tracking as long as the information is “anonymized” and used in aggregate sans identifiable material.

Schumer’s partner in announcing the voluntary policy - the Future of Privacy Forum (FPF) - comes with baggage of its own that calls into question the strength of a “code of conduct” that pledges to protect consumer data.

Formed in 2008 “in support of transparency, user control and the advancement of responsible data practices,” FPF’s advisory board and list of “supporters” is a who’s who of major companies - and their privacy officers - with a stake in utilizing customer data.

The list includes: Twenty-First Century Fox, Walmart, Lockheed Martin, Sprint, Toyota, Nordstrom, McAfee, Yahoo, Facebook, American Express, Google, Bank of America, Proctor & Gamble, LinkedIn, Intel, Apple, Time Warner Cable, Comcast, Netflix, Microsoft, Macy's, AOL, Pfizer, IBM, AT&T, Visa, HSBC, Dell, MasterCard, Merck & Co. and Verizon.

Not only do they have a stake in using customer behavioral monitoring, but many of the companies have gone to the mat to protect their own immunity and reputations after handing the US government access to customers’ phone records and other data without warrants or oversight in the past decade.

Its co-founder and executive director, Jules Polonetsky, is a former chief privacy officer at AOL.

Upon creation of the group in 2008, major privacy advocates Electronic Frontier Foundation and the American Civil Liberties Union were clueless as to what the group was and who was behind it.

“If EFF wasn’t consulted and we weren’t consulted and neither of us had even heard of the group until their coming out party yesterday, what does that say about the agenda of the Future of Privacy Forum?” the ACLU wrote about FPF in 2008. “Not to toot our own horn, but come on. If privacy scholars are being lined up to work with this group we would’ve heard about it.”

The press release associated with the announcement says the code was formed after Schumer, in June, “warned that major national retail chains were testing technology that would allow them to automatically track shoppers’ location through stores.”

The analytics companies “use mobile device Wi-Fi or Bluetooth MAC addresses to develop aggregate reports for retailers,” the release stated.