Big businesses have found a genius but truly terrifying way to monitor what you’re doing – and it’s all to do with your phone.
It seems nearly every store has its own wifi network for shoppers to use these days.
But experts have warned that consumers should be careful about what they sign themselves up to while browsing the internet.
Businesses are using intelligent software capable of tracking the location of each person’s phone so closely it can determine exactly how long they spend looking at certain products on certain shelves.
And it’s not just snooping over wifi. Some stores are now using facial recognition technology too, which last week landed Kmart, Bunnings and The Good Guys in trouble with Choice.
“For any person trying to keep their personal information private, it’s not fair. Every single person has a right to keep his or her privacy,” Internet 2.0 security engineer Rafig Jabrayilov said.
“Buying something from a store shouldn’t mean you have to share your personal details.”
Companies can track the physical location of their customers through easily accessible information distributed via their smartphones.
Apple and Android devices emit radio waves at a diameter of between 10 and 20 meters which broadcasts its MAC (media access control) address – a 12 digit code that is unique to and identifies each device.
Stores, like Nordstrom in the United States – the focus of a bombshell New York Timesarticle – can set up sensors in physical stores that return exact information on consumer behavior.
Mr Jabrayilov said whether the technique was considered PII (personal identifyable information) under the privacy act was “arguable”, given it only offered device information.
He argued it was problematic however when used in conjunction with facial recognition technology, given that together they exposed a significant volume of personal information.
In a feature designed to stop companies from being able to use MAC address information to attain consumer details, most Android and iPhone devices now had a feature that made the tracking particularly difficult.
“They created a new feature called MAC address randomisation, which generates fake MAC addresses while you’re in the store,” Mr Jabrayilov explained.
For every 40 minutes, 20 MAC addresses are generated, he said, making it nearly impossible for the retailer to get accurate information.
He said big Australian retailers were also involved with tracking consumer devices through their camera faces, however he was not in a position to pass on outlet names.
“They’re basically trying to identify your gender, what store you’re staying in more, how many people pass and enter stores, and which section they stay in more,” Mr Jabrayilov said.
While more was being learned about the enhanced capabilities of companies to source information about consumers, Mr Jabrayilov argued little was known about how such information was being stored, and how aggressively it was being protected from hackers.
Mr Jabrayilov highlighted that technology often advanced at a quicker pace than the legal system, which meant consumers could be more at risk of being exploited early on in a product’s development.
He liked MAC address tracing to the way shoppers were tracked online, which gave companies information on how long customers stayed on their websites, what they spent the most time looking at, and what products they showed interest in.
A gray area was still exist however in whether doing so fell within the confines of privacy and human rights laws, Mr Jabrayilov said.
He recommended consumers check their phone settings to ensure their randomized MAC address function has been enabled.