Groupon wants your soul -- and also your location data

The massively popular group deals service will now track your location and send you offers via your smart phone. Does that make you nervous? It should.

By now, we’re all familiar with the privacy trade-off inherent in using the Web, particularly with sites like Facebook or Twitter or Google. There is no free lunch; if you don’t pay for things they give you with money, you end up paying for them with your data.

In most cases, though, there are things you can do to obscure, withhold, or fictionalize your personal information. You don’t have to log into iGoogle to run a search; you don’t have to give Facebook your real name, no matter what Mark Zuckerberg tells you.

But  ‘social deals’ sites like Groupon are a different story. They collect even more information than a Facebook or a Google, and there’s no anonymity option; you want the deals, you have to fork over your actual identity, along with your credit card info.

[See also: Caught naked on Facebook – again! ]

One key difference is that, unlike most Web sites, Groupon offers items of tangible value – usually radical discounts on stuff you might be interesting in buying or trying. And all they want in return is your soul. What’s wrong with that?

OK, just kidding. Groupon doesn’t want your soul. They just want your soul’s address, its credit card and contact information, age and gender, birthdate, and social media interactions. They want information about your soul’s friends, especially if you or your soul have bought Groupon deals for them as gifts.

They also want to track and store the location of your soul’s mobile phone. That last bit is new, the result of changes to the Groupon privacy policy the company issued over the weekend.

Install the Groupon mobile app, and it may feed you deals based on where you happen to be standing at the moment. If, for example, you’re loitering outside a shiatsu parlor that works with Groupon, offers for half off on a foot massage may suddenly pop up on your phone.

Privacy geeks have been talking about this kind of thing for years. It’s now finally happening. The implications can get nasty quickly; as the laws now stand, any private entity that tracks your location can sell that data to anyone else, and must hand it over when ordered by a court.

Of course, you have to install the Groupon app and say Yes to have this tracking take effect. But you don’t have to be actively using Groupon or to accept a deal for them to collect your location information; Groupon has  access to it whenever they want. (They would need to, in order to send you deals.)  Per the new privacy policy:

… if you use a Groupon mobile application and your mobile device’s settings allow it, we may collect Mobile Location Information from your device. Our application may be designed to collect information even if you are not logged into the Groupon application or the Sites…, if the settings on your location-aware device allow us to receive Location Information, we will collect that automatically.

How often will Groupon ping your location? Good question. The privacy policy is totally mum on that score.

How long will Groupon store this data? Though the new policy doesn’t address location data specifically, it does plan to hold onto your personal information for as long as you use the service. Again, the privacy policy:

We will retain your information for as long as your account is active or as needed to provide you services and to maintain a record of your transactions for financial reporting purposes.

There’s more. Groupon has broadened its definition of “personal information” to include your habits and interests, a la Facebook, and it’s reserving the option to combine that information with other data it obtains about you from third parties. Can you say “data mining”? I knew that you could.

First, kudos to Groupon for even notifying its users of the privacy changes. Not all companies do. Many just leave it up to users to check the privacy policies periodically – and who, aside from privacy nerds like me, ever does that? (Though the conspiracy theorist inside me has to wonder why they chose to send the notifications out on a Saturday near midnight.)

Second, kudos again to Groupon for offering up a clear summary of the changes to its policies, along with the legalese. It’s as if they’ve been reading my blog.

As for the rest, though, a big fat raspberry. Groupon is tracking mobile users’ locations, unless they tell it not to, and apparently storing that information indefinitely. That’s never good. The potential for abuse is enormous.

I’ve asked Groupon to clarify what is and isn’t in its new policy, and will update this post if they reply.

ITworld TY4NS blogger Dan Tynan never met a penny he wouldn’t pinch – but even his stinginess has limits. Visit his eHumor site eSarcasm or follow him on Twitter: @tynan_on_tech.

ITWorld DealPost: The best in tech deals and discounts.
Shop Tech Products at Amazon