Follow the shoppers, follow the money

Every day I learn something new about how smartphones can be used to track us in real time. Today's lesson: How retailers are using Bluetooth to watch what we do.

A week or so back I wrote about how retailers can track you in and out of their stores using your smartphone’s WiFi connection – as well as how some companies limit what the retailers can do with that information.

[Internet Explorer flaw gives ad trackers a sneaky edge -- for now and Congress considers ban on smartphone tracking apps]

The story doesn’t end there. WiFi is hardly the only wireless technology being employed to figure out how consumers act in the real world. I recently had a fascinating conversation with Patrick Blattner, chief product officer for a company called WirelessWerx. They make Bluetooth trackers deployed in hundreds of electronics retailers, grocery stores, and fast food joints.

As with WiFi tracking, WirelessWerx’ sensors pick up radio signals from your phone’s Bluetooth antenna and assign each one a unique number. Blattner was quick to point out that while its technology can pick up and identify any phone in range that has Bluetooth enabled, its software immediately encrypts and anonymizes the data so the retailer can’t backwards engineer it to identify individual customers.

Bluetooth tracking has two big advantages over WiFi tracking. One is they can operate within ranges as small as a few feet – making it possible to get truly granular in a way WiFi can’t. The sensors can track you aisle by aisle, end cap by end cap. They can know how long you waited at the checkout line and whether you hopped from lane to lane, hoping to get out of the store a little faster.

The other advantage is that Bluetooth is more widespread; feature phones that may not have WiFi often have Bluetooth. And the nodes are cheaper and easier for store employees to deploy than competing technologies like WiFi or cameras, says Blattner.

Working with a big box retail chain, for example, WirelessWerx figured out that changing window displays had no effect on whether people came in the store, says Blattner, and that nearly all shoppers went to the same part of every store and then left without visiting any other aisles. That prompted the chain to spend less money on displays and reconfigure their store layouts.

What’s in this for you and me? Well, maybe shorter lines at the register or more help in the aisles. By measuring foot traffic at different times of the day, a retailer can use this information to determine when their stores are busiest and if they need to bump up the staffing or open up more registers.

This year, says Blattner, major US airports will begin deploying Bluetooth tracking. The goal is to figure out how to optimize and speed up those annoying TSA security lines. But the motive isn’t to get you to your gate faster, says Blattner; it’s to get you inside the airport mall faster so you spend more time and money there.

There are a few other key differences with WiFi tracking. Unlike Euclid Analytics, which requires stores to notify consumers their WiFi connections are being recorded, no notice is ever given to customers their Bluetooth is being tracked. Nor for that matter, can consumers go to WirelessWerx or the retailer’s Web sites to opt out of tracking. Your only option: Turn Bluetooth off.

"We looked into this when we were doing a pilot program with a top-tier retailer about a year and a half ago,” Blattner says. “The response from their legal department was that having your Bluetooth enabled implies your consent to search and receive this information.”

There are so many problems with that I don’t know where to begin. Using that logic, you could argue having Bluetooth turned on implies consent for someone to hack your phone using a Bluetooth exploit. And then there’s the notion that I have to turn off a feature of a phone I pay a lot of money for each month because someone else has decided to use it in a way I don’t like. This is a troubling trend, to put it mildly.

I don’t think WirelessWerx has bad intentions for you or your data. But what about the next company that sniffs your Bluetooth? How do you know they’re not trying to marry this information to our purchases or otherwise abuse this data without telling anyone?

The answer is, you don’t. In fact, unless you’ve read this blog post or make a point of closely following the retail analytics industry, you wouldn’t even think to ask.

[Note: This story was updated slightly to clarify the source of Blattner's quote.]

UPDATE: About a week after this was published I received an email response from WirelessWerx Director of Marketing Kellie Peterson. I've received her permission to excerpt the relevant bits here:

I wanted clarify a few points that relate to your post. First, we may have oversimplified when discussing the airports' intent; our technology is primarily being deployed to help manage traffic flow in order to get people to their gates more quickly. We believe over time it will be an additional goal of airports to help improve the shopping experience for consumers, and our products can also add value in this regard.

With cameras, security personnel, employee monitors, credit card purchasing, etc. already widely deployed in retail, WirelessWERX has one of the least invasive technologies—especially since absolutely no personal information can EVER be tracked back to the consumer as an individual.

Our mission is to help our clients thrive and to do that they must deliver outstanding value, innovation and exceptional consumer experiences. We’ve developed a number of statistical sampling research tools that allow us to provide insights into aggregate traffic trends without compromising privacy in any way. It would be erroneous to suggest those consumers are personally tracked when our entire methodology is built around aggregated, but relatively small statistical samples. No retailer could ever associate our data with a specific purchase or with an individual consumer's behavior as our data is only collected and presented in aggregate form.

We are very focused on compliance with all privacy laws. But we also understand that even if you’re following the law, certain types of approaches may make people uncomfortable. This is why we maintain such rigorous privacy protocols and sampling-based methodologies. Our clients are in compliance with all federal and state laws as well, including those related to personal information. If a customer downloads an in-store app that utilizes our platform, they would be subject to the terms of use as presented by the app.

See also:

Part I: Attention shoppers: Retailers can now track you across the mall

Part II: If you shop til you drop, will they track when you come back?