Turn off your phone in the mall? Yea, right. Now there's great advice from someone who's in touch with modern reality:
1985 - If I don't see you again, I'll figure you ran into your friends and went home with them.
1989 - Meet me at the fountain at 6:00.
1992 - If you need anything, see Linda at the Gap. She'll know where to find me.
1996 - If there's an emergency, beep me and go to mall security.
1999 - Find a payphone and call my mobile phone when you get hungry.
2003 - Call my cell when you're ready to leave.
2006 - Post any good bargains on my Facebook wall.
2008 - Follow me on Twitter to see what I'm up to every 7 minutes.
2009 - Foursquare will let you know where I'm at.
2010 - Just check the Groupon emails I sent you to see where I plan to shop.
2011 - Text me immediately if you see a line anywhere. It's probably an early unpublished Black Friday special and we should get into that line now. I'll stop by REI and buy a tent and sleeping bags; you get some protein bars and Gatorade.
Just to play devil's advocate, how is this any different from running analytics on your websites? They are keeping track of where people go, just like most people on HN do with their own users. And to be honest, I think it's a clever hack that could give them information about how to improve the layout and offerings at the mall.
So why are people having a negative reaction to this? Because they can track your purchases? Websites could easily be doing that too, if they were willing to cooperate (the same way the stores would have to cooperate with the malls by giving records of all purchases, which seems unlikely). Or is it creepier just because it's your physical location?
>"So why are people having a negative reaction to this?"
Because the opt-out isn't viable and you're being opted-in without consent.
It's the equivalent of saying "What, they're just tracking your car by intercepting your OnStar comms that your car sends out anyway. They could do that with satellites (and WalMart, among others, does, for parking-lot analysis to see how many are in the store)."
This is a MiTM attack on privacy. If you keep accepting stuff like this without protest, you WILL continue to be tracked and profiled and sold to more and more aggressively with each year.
An easier comparison for anyone who reacts negatively to this story: for years the mall closed circuit video system has recorded you walking around malls, going into stores, emerging with shopping bags. Mall management has always been able to compile the same statistics based on video analysis.
It was helluva more costly though. That's like saying that spam was possible for years because someone could just send a billion copies of an advertisement via the post office.
Website analytics for malls is a good analogy. Five years from now, people will clap technology on the back for giving them more efficient store placements because of "mall analytics", but in the present, people are constantly fighting the future.
>Five years from now, people will clap technology on the back for giving them more efficient store placements because of "mall analytics"
If there were a way to bet money against that statement, I'd be doing it. Honestly, have you been to a mall lately? Did it give off a "trying our best to make shopping less of a bitch" vibe to you?
Web analytics can create value for the consumer because a website can morph to fit the user. Earth malls do not have that option.
And to the extent that this data will be used to inform store placement at all (maybe for new malls; probably just sold to stores in existing malls), it may actually be in the mall's best interest to move popular stores further apart. That way, you're forced to pass shops for which you have no prior expressed interest. Probably Cinnabon. Win?
Yes, malls already make the bathrooms and food hard to find because they know that everybody needs those, and making you search for them increases your chance of buying something on the way. If the malls knew which "store transitions" were most popular, they would definitely try to maximize their length.
Simple objective function for the mall: maximize the sum over all paths of the path length times the number of people who took that path.
I think the difference is that it's a lot easier to opt out of online tracking. You can turn on private browsing mode. You can decide not to shop online.
With this kind of tracking, there's much less that you can do, especially if more essential shops like grocery stores start to implement it. Sure, you can turn your phone off, but I at least feel like merchants should be polite enough not to track my every movement without my explicit permission.
No, you can't opt out of online tracking any easier. Private browsing mode doesn't hide your IP address. Plus you've got companies like Facebook that can (or try) to track your activity outside of their website. Ever use public internet? Someone may be sniffing your traffic to watch exactly where you're going.
Also you're "you can decide not to shop online" applies to the mall too. Richmond has several high quality malls in the area.
You're still making a distinction between online and the physical world, which is that for websites, you do something extra to opt out, whereas in the physical world you want to give explicit permission before they track you.
Note that it's very easy to opt out of this: turn the phone off. You click one button. And arguably it's more effective than private browsing mode, which still leaks a lot of information about you.
> Note that it's very easy to opt out of this: turn the phone off. You click one button.
I agree with you on the first part, and I really see this as no different and no worse than online visitor tracking. It's a trivial thing to worry about and I don't think people should be concerned over it.
That said, though, for the folks that are, it's not always that easy to just turn off the phone. Sure, most people have their cell phones on as a convenience and it wouldn't hurt them a bit to turn it off for a few minutes while in the store, but if you have the phone on because your kids are home alone, or your ailing parent may need you at any moment, etc. it becomes much more problematic.
So, in this case, while the opt-out option is simple and trivial for most people, it's practically outright unavailable, or at least perceived as unavailable, to a particular segment of the customers. Even in those instances, the cell phone is often as much or more about peace of mind than actual emergency, but I'd argue that's just as valid a reason to keep the phone on for someone in those situations.
The physical world is quite different. If I have my phone with me, and on, then I can do things which I might not otherwise do. If my wife were expecting and nearly due, or my client might call, then I could shop and still be available if needed.
This adds another factor - how much do I want to be tracked?
For web sites I can (and do!) have different browsers for different tasks. I use Firefox for Facebook, and regularly write FB cookies on Safari. But in the physical world of this example, I can't work around things by getting two mobile phones.
The analogy carries: there are things you can't do or are more tedious when you're opting out. You have to whitelist things for FlashBlock and AdBlock, your preferences aren't saved in private mode, etc. Moreover, I can still get your IP address and correlate your browser fingerprint, with reasonable confidence, to other visits you've made while using your private browser.
Likewise, you could easily have a cash-prepaid phone you use for times you don't want to be tracked and use Google Voice to forward calls to it.
The point is, you really can't opt out of tracking on the internet as easily as you're suggesting.
I'm arguing that it isn't a strong analogy, not that it isn't an invalid analogy.
Fundamentally, people expect to be able to reach me by phone, and there are times when I want to be reached. I can even tell me phone to only allow a short list of numbers to make my phone ring.
On the other hand, going to a web site means I want something from them, and their analytics are part of what they take as compensation.
You argue, I believe, that "going to the mall" becomes similar to "going to a web site." By picking up my prescription at the mall pharmacy, I implicitly grant the mall and (I presume) other stores in the mall knowledge about where I go. I suppose the same would apply if my hypothetical daughter went to a Planned Parenthood office in a shopping center.
And in some sense, you are right. They already track us, with cameras, with staff, and even with consultant anthropologists. The issues are: how much tracking is appropriate ("retail vs. wholesale surveillance" as Schneier terms it). What are the social tradeoffs, especially when there might be no real alternative to using one of the stores in the mall. (And why do so many stores ban photography while asserting the right to photograph us?)
But they don't track us with the devices we use to contact others, who have nothing to do with the store. That would be (to use yet another analogy) like a web site asking you to install a plug-in "for great discounts!!!" but which also tracks all others sites you visit? (Presume that that tracking is mentioned in the fine print.)
In your analogy, is "the mall" really like "a web site" or like a "web hosting company"? I go to a mall to visit stores, and don't care so much about the mall itself. So "the mall" would be the "web hosting company", and the individual stores correspond to a web site? As someone who has a hosted web site, I would be uncomfortable if my hosting company started doing per-person/per-page traffic analysis other than what I've set up for my own use, and would really not like it if they shared that information with other web sites also hosted by the same company.
Of course, some hosting sites might do this, but in the physical world it's harder for a store to leave the mall if it feels like the mall is doing the wrong thing.
So while you can make the analogy, it doesn't feel like a strong one. Why not just argue this case without analogies?
It's very easy to avoid the repository effects of pepper spray, just hold your breath. I don't understand why all these people with asthma are making such a fuss over this.
Really? It's "reprehensible" for a website to know how many people visit, what countries they come from, what pages they spend most time on, what buttons are most effective, etc?
Tracking between unaffiliated websites is a different story, but the mall is only tracking our movements around the mall, just like any website that gives a damn about user experience is going to track you around its pages.
This information is sufficient to track you through unrelated visits to the mall, and paired with CCTV video, sufficient to associate you with your face. It's also a small step to associate you with your credit card purchases at various stores.
>"which is why I'm surprised more people don't opt out of those things."
Because people don't know about them. That's also why there isn't more public backlash -- they're just doing what they can [barely] get away with legally.
I don't see it as the least bit reprehensible. See, I'm not one to care much about tracking and privacy like others are. Some people just hate any tracking at all and want total privacy. I'm not them. At the same time though this does concern me.
This mall thing really is innocent. They're trying to maximize profits and provide a better experience for the customers. Fine. Same with website Analytics.
It gets scary when you think of the future implications of this. In an ideal world we would be okay with this kind of tracking and we'd be confident that they won't pry too far. But we don't live in that world. We're dealing with people who will see that they can get this innocent and totally legit data and then begin to push the limits to the point where people's privacy truly is being invaded.
So this stuff is cool with me but I'm also prepared for something more sinister to come down the pipeline in the future.
You're right, I had the exact same thought about Analytics too. My browser does have a privacy mode, there are plugins that help, and a variety of ways to opt out. And yeah, I know even after all that I can still be tracked online.
So while you might be right there are 2 insidious things about this. First, opting out has a serious downside to it whereas not being tracked online can only cause minor inconveniences here or there. Secondly, where does it end? I think that's the real disturbing thing. Today it's location tracking through cell signals tomorrow we have implanted microchips that can be read by satellites at all times. That's a pretty far out example but if you told someone from 50 years ago about that story they'd probably have a similar reaction to what my implanted microchip quip probably got out of those here who read it.
The particular reason this opt-out is odious is that opting out requires you to stop participating in a service the mall has nothing to do with. If an opt-out is, "to opt out, press this button before entering the mall", or, "to opt out, stay at least ten feet away from our mall maps", or, "to opt out, do not enter the food court", then they could sorta kinda make a case for legitimacy. (Those would be somewhat bizarre, admittedly, but at least they're directly related to the mall in some way.)
The "but I need my cell phone" objections are missing the point here: the opt-out is policy is bad not because it's making you forgo a convenience or even a necessary item, but because it's hijacking your commercial relationship with someone else entirely. Kind of like the technological underpinnings of the tracking, which are mitm-ing on the signal itself.
I wonder what the cell companies have had to say about this?
The high school production of King Lear has nothing to do with your cell phone, either. But you should still turn the damn thing off. Having to forgo one relationship to participate in another is neither surprising nor odious. You don't have to shop at this mall.
Your analogy fails because the relationship is different.
In your example, you're turning off your phone because it's a case of turning off something which makes noise and light at an event where you're not supposed to do distracting things. It's something you do for the benefit of those around you. So there's a reasonable reason to affect your behavior in this case. Also, in social situations like this it is made very obvious that you're expected to not do anything distracting, whatever that is. A bit of small text on a mall map that might not obviously say "we're tracking where you go via your phone signal while you're here" to a layman is not an equivalent cue by any measure.
In the case of needing to turn off your phone to not be tracked by a third party, you're being forced to change your behavior by a service provider who has no good reason (for you or those immediately affected by you) to force this behavioral change.
I really want to know more about how they're accomplishing this technically, and what kind of carrier cooperation is required.
If all they're doing is putting up Rx antennas and using them to intercept subscriber IDs from the non-encrypted part of the handshakes with the towers, without any cooperation from the carriers themselves, I guess I'm not too concerned, as a subscriber ID alone is meaningless without carrier records.
If they're doing something that requires carrier cooperation, however, that's something different entirely. Suddenly we go from "anonymous by nature" to "trust us, we're anonymizing it."
Once you have this data, you can correlate it with records of purchases to link a given phone to a given credit card number. I'm guessing it would take just two or three purchases at the mall to be able to do a match with high confidence.
But we all know retailers care too much about their customers' privacy to pool that kind of information, so there's really nothing to worry about. And anyway, the fact people are reading the little signs and then continuing to shop without turning off their phones is a pretty clear indication that they're opting into this kind of data collection anyway.
This technology makes me uncomfortable. By itself it's rather harmless but it's not a huge leap to imagine a network of surveillance cameras using this technology.
Stuff like this makes me think I'm living in a scifi novel and I'm not sure that's a good thing.
There's a startup in Palo Alto that uses phone signals to track consumers and generate analytics. Perhaps their technology is being used. http://euclidelements.com/
Interesting. Euclid only works with smartphones, in that it appears to simply sniff MAC addresses, and triangulate them with off-the-shelf wi-fi equipment.
I'm guessing the mall tracking systems are using something on the GSM and CDMA spectra, and are sniffing UDIDs?
Isn't this similar to the way phone data is used to estimate traffic speeds on streets and highways?
Also, when I saw this: "To make it harder for hackers to get at this information, Path Intelligence scrambles those numbers twice", my first thought was "with XOR?".
And third, are these the same malls and retailers that want to block data connections to prevent people from doing on-line comparison shopping while in the store?
No, the title is incorrect. Opting out is not going to the mall (private property).
I kind of see it like saying "I want to buy something on your website - but I don't want to give you an email address or credit card!" Obviously not a perfect analogy, but really, you are going on their turf and utilizing their services. If you don't want to play by their rules, don't patronize them.
That's an entirely different discussion on the increasing privatization of public space.
We've long established that companies don't have a right to "play by their [own] rules." For example, in the US a mall cannot discriminate on basis of race, and it must follow ADA, OSHA, and other requirements.
Remember, companies exist only because of government regulation. They exist because otherwise individual people (the owners) would be responsible for mishaps and debts, and that's too much risk for most people. Since we set the law, companies must abide by our rules.
And that leads to an entirely different discussion on the influence of companies on lawmaking.
I shouldn't have to turn off my phone, I should be able to shop (using the malls services) and use my cell phone (a service entirely unrelated to the shopping mall) without having to worry about this nonsense.
I honestly don't see what business the mall has using a tactic like this. I hear the 'it's no big deal' argument, but something about the path we're on with this feels sinister.
I don't have a technological, philosophical, political argument for not liking this, I just do not want to be tracked. I feel akin to a toddler throwing a tantrum, I want to heap all of my electronics in a pile and stomp up and down on them screaming "I DON'T WANNA BE TRACKED!"
Unfortunately gadgets, phones, etc have a pretty good hold on me so I'm stuck grumbling on the internet, where I'm tracked.
edit: changed reason to argument, since thinking about it I probably do have some philosophical reasons but not anything broad and clear enough to form an argument.
I think we will have to adjust our expectations of privacy as technology changes. Larry Niven was right - technology does change a society's ethics. We always knew we had little privacy in public - we could be photographed, people could notice us and compare notes. But now, technology is making this easy, and it's making it automated.
You can pass all the laws you want, but it would be very difficult to outlaw me placing a camera in my window pointing outward, and sharing that stream with the internet.
The privacy concern should be on the part of the cell phone holder. Blaming the mall for using data that you are transmitting is like firing someone for finding a security hole in the corporate web site. If you don't want anyone to know your top secret phone id, stop transmitting it. You should be much more worried about the people who aren't telling you that they are collecting it than the mall that's announcing the fact that it is.
And if you don't want your private conversations recorded simply refrain from speaking? There is a long history of privacy protections afforded to the general public.
What do you mean by private conversations? If you're trying to transmit sensitive information, you don't use a postcard. People are jumping on the wrong bad guy here. "If we can just stop the people who are admitting to tracking us in ways we don't like, we can drive back this menace."
The reality is that if you don't like the idea of people doing this kind of tracking, stopping the people that are publicly admitting to doing it is the least of your concerns.
More like you should refrain from speaking in an environment with with security cameras and microphones... such as a mall.
I don't like this either but I don't see why the mall shouldn't be able to monitor a signal. For instance, I don't see why they should not be able to record and store video received from an array surveillance cameras (even though I don't like it).
This is a pretty bold move. It would be fun to have a basket of say 500 pre-paid phones scattered around so that folks could pick up a phone and drop it off to poision the data with a bunch of bogus stats. Except you could probably defeat that with ESID or IMEI filtering.
I am surprised that this is legal in California, there is legislation that forbids this sort of thing.
Even with the pre-paids, they'd stil be able to see where a person with one of those is going and their shopping patterns, therefore giving them exactly what they're looking for. They're tracking the movement of dots to analyze shopping patterns. If a dot is prepaid it doesn't make it a "fake" dot. What would really confuse them (maybe?) is getting as many phones on your person as possible then running around in circles.
Why they would choose to attempt to discover patterns on black friday though is beyond me - consumer behavior on that day is completely wacky and inconsistent with any other day of the year.
This makes me want to invest in a CDMA/GSM dev kit so I can spoof IMEIs and ESNs. I'd send them:
AA-BBBBBB-CCCCCC-'); DROP TABLE imei;--
EDIT: another thought would be to use a directional antenna with a high-power transmitter (should only take a few watts with a +23DB panel or something) and have a script run through IMEIs and ESNs a few hundred a second, then just wave the thing around wildly.
If you want to stop this, you have to make it not economically viable for them. Real-life tracking calls for real-life DoS.
I think the point is that you would pick up a burner at the entrance, and drop it off near the first store you enter. When you exit, you pick up a different burner that someone else picked up. That way, your actual path is not discovered.
Well, if you are doing comparison shopping by scanning in the barcode using your phone it seems like you can't have your privacy and try to get a better deal at the same time.
I'm only 5 miles away from Short Pump mall... this is really interesting. I'm pretty confident that they don't even care about attaching this kind of information to an actual person's identity or purchases. Still, even if I was concerned the likelihood of me turning my cellphone off just to avoid being tracked is close to nil. It's something that needs to be watched closely...
It's not a privacy concern until someone takes the small step of being able to track a phone with surveillance cameras. With technology like this, I can't imagine it being much more difficult than plotting the viewing areas of the cameras and then overlaying the positions of various phones on the same map. This approach won't immediately point out the person the phone belongs to but you could easily have video coverage of the person available for review. You can always pick them out of the imagery later.
1. Point a camera down a narrow traffic area -- like each door to the mall.
2. Capture their cell signal at the entrance.
3. Correlate using face-tracking.
4. Prune errors by tracking exits and entrances.
Now you have a pretty good idea of which face has which phone, for that visit and all future visits to anywhere the mall sells their tracking database to.
Many years ago, before smartphones, my family was entertained by a group of families that were using long distance walkie talkies (multi-mile range, no FCC ham radio license required) to communicate.
Its completely amazing to me how companies fooled us into paying for devices which are used to expose our habits. If cell phones were free, perhaps there would be less complaints. The fact that we each finance devices that can be used against us by companies and even government is bewildering. Make no mistake, turning off your phone does nothing.
"We won't be looking at singular shoppers," said Stephanie Shriver-Engdahl, vice president of digital strategy for Forest City. "The system monitors patterns of movement. We can see, like migrating birds, where people are going to."
Read: We're invading your privacy, but in a good way.
"It's nt a privacy concern" What?! Depends who you ask! Since when are the people collecting data the ones who decide what a privacy concern is? I don't mind right now but others might and I may change my mind!
"Hardly anyone opts out". This one is disgusting! Of course they won't opt out! Do I lose touch with the people I need or want to co,mini ate with and lose the ability to comparison shop as I go or do I opt in to being tracked by default?
They've done this totally backwards. People should have the option to opt in not out. There really isn't much choice here. It all seems innocent enough right now but we all know it'll start going further as the years go by.
How do they know if someone opted out if their phone is off? Do they divide the number of cell phones by the total number of people in the mall? What if I forget my cell phone in the car or at home? Am I considered an "opt-out"?
When I see this kind of stuff, I always think what is the best way to disrupt this kind of technology. The ideas that come to mind is to organize a bunch of people to randomly walk in the mall, or to leave a bunch of cell phones lying around to skew the data (although the first would be a LOT more effective).
If you were determined you could jam the wireless spectrum, as long as your signal was strong enough you might be able to block subscriber IDs from making it to the tracking antennas.
I don't know. I wouldn't really advocate skewing their data on purpose. I mean, this really is harmless stuff (for now at least). Just because it doesn't bother me doesn't mean others don't take offense though. What bothers me most is how they tout the opt-out method like its some totally reasonable thing. This is 2011 where our phones might as well me surgically attached to our bodies. That just sounded really out of touch with reality.
When they start collecting data that really violates privacy without a reasonable opt out method then I'd totally go for not only skewing the data but finding a way to take that system down.
>"People should have the option to opt in not out"
And this is why I hate "SEO" types. They'd reply with "but then we wouldn't get anyone to opt-in!"...which is exactly my point. Not many people want to do this.
Take a survey: ask people in the mall: "Would you like for us to track your every move inside our walls (and probably a bit outside too lol because you know we didn't invest in proper RF shielding) with no benefit to you although we'll be selling this information to the mall and making money off your non-consent?"
1985 - If I don't see you again, I'll figure you ran into your friends and went home with them.
1989 - Meet me at the fountain at 6:00.
1992 - If you need anything, see Linda at the Gap. She'll know where to find me.
1996 - If there's an emergency, beep me and go to mall security.
1999 - Find a payphone and call my mobile phone when you get hungry.
2003 - Call my cell when you're ready to leave.
2006 - Post any good bargains on my Facebook wall.
2008 - Follow me on Twitter to see what I'm up to every 7 minutes.
2009 - Foursquare will let you know where I'm at.
2010 - Just check the Groupon emails I sent you to see where I plan to shop.
2011 - Text me immediately if you see a line anywhere. It's probably an early unpublished Black Friday special and we should get into that line now. I'll stop by REI and buy a tent and sleeping bags; you get some protein bars and Gatorade.