Skip

"Most of the big chains are trying video analytics"
March 28, 2013 7:13 AM   Subscribe

How stores spy on you: Many retailers are snooping more than ever Gaze trackers are hidden in tiny holes in the shelving and detect which brands you’re looking at and how long for each. There are even mannequins whose eyes are cameras...Cisco is testing a system [that] automatically detects your mobile device and connects you to the retailer’s free Wi-Fi network. "Once the customer gets on the network, he has opted in, and the privacy concerns are allayed..." [via] posted by mediareport (51 comments total) 12 users marked this as a favorite

 
And here I was thinking this was a community review site discussing retailers with the best camera coverage in the changing rooms. I was hoping to put on a show...
posted by Samizdata at 7:23 AM on March 28, 2013 [1 favorite]


How long until these systems are hacked and we start seeing videos on Youtube like the Russian drivers?
posted by Old'n'Busted at 7:27 AM on March 28, 2013 [1 favorite]


Cisco is testing a system [that] automatically detects your mobile device and connects you to the retailer’s free Wi-Fi network.

And, once again, I am glad I've opted to keep my centuries-old LG feature-phone alive and kicking. Cisco, retailers, et.al. can kiss my private little butt.
posted by Thorzdad at 7:28 AM on March 28, 2013 [2 favorites]


Big Target is watching you.

I actually like the idea that me picking up something off the shelf with an RFID tag triggers a nearby kiosk to offer me a deal on it. That's not intrusive, and it has nothing to do with my personal information, just my browsing, which is very public. And that's fine.

I don't mind general cameras in the store to track traffic patterns or watch for shoplifters.

Can someone explain the smartphone part? I don't have one...so they can "log in" somehow if wifi is enabled and...then what? What do they do, hack my information in some way? Track my web browsing while in the store, if I do any?
posted by emjaybee at 7:30 AM on March 28, 2013 [1 favorite]


A lack of Wi-Fi won't prevent them from identifying you, Thorzdad.

The retailer tracking systems can identify individual shoppers by monitoring your phone’s International Mobile Subscriber Identity number (constantly transmitted from all cell phones to their service providers)
posted by designbot at 7:30 AM on March 28, 2013 [1 favorite]


Can someone explain the smartphone part? I don't have one...so they can "log in" somehow if wifi is enabled and...then what?

They might be able to tell if you're show-rooming by seeing what sites you visit via the store's wifi.
posted by drezdn at 7:35 AM on March 28, 2013 [1 favorite]


It automatically detects your mobile device and connects you to the retailer’s free Wi-Fi network. “Once the customer gets on the network, he has opted in, and the privacy concerns are allayed,” says Sujai Hejela, general manager of Cisco’s wireless networking group.

If you've been automatically connected to the network without your knowledge, you haven't opted into anything at all. That is not how contracts work.
posted by one more dead town's last parade at 7:37 AM on March 28, 2013 [16 favorites]


Good thing it's not possible to automatically connect to a WiFi network without your knowledge. Every WiFi-enabled device I've ever used won't connect to a network without your explicitly requesting it.
posted by zixyer at 7:43 AM on March 28, 2013 [1 favorite]


The article is vague but I'm thinking it's one of those things where a splash screen pops up when you open a browser and you have to click an "I Accept" button before you're on.
posted by theodolite at 7:44 AM on March 28, 2013 [1 favorite]


Thorzdad: "Cisco is testing a system [that] automatically detects your mobile device and connects you to the retailer’s free Wi-Fi network."

zixyer: " Every WiFi-enabled device I've ever used won't connect to a network without your explicitly requesting it."

Some folks allow their devices (usually laptops/tablets) to connect automatically when they detect open wifi networks / free wireless hotspots. I believe it's a setting you have to enable manually in most if not all OS's.
posted by zarq at 7:51 AM on March 28, 2013 [1 favorite]


The Nintendo 3DS will automatically connect, without asking or requiring user configuration, to attwifi hotspots. It's not without precedent.
posted by Pope Guilty at 7:52 AM on March 28, 2013


Can someone explain the smartphone part? I don't have one...so they can "log in" somehow if wifi is enabled and...then what? What do they do, hack my information in some way? Track my web browsing while in the store, if I do any?

The writer is exaggerating and leaving out information to support their point. No phone will log in to a WiFi network automatically. What will actually happen is if you decide to use the free WiFi the store provides, they have the ability to monitor and log all of your internet usage. It's the same as with your ISP - no matter how much noscript/ghostery/cookie deleting you do, your ISP can see everything you do online. It's something to always keep in mind if you're concerned about privacy - the party providing your internet connection obviously and by necessity can see everything that you are doing.
posted by zixyer at 7:54 AM on March 28, 2013


I often wonder abut the upper level of efficacy for marketing like this- at what point does it stop being effective or worthwhile?
posted by The Whelk at 7:54 AM on March 28, 2013


If your wifi is turned on there is nothing keeping me from tracking your MAC address. This is how many of the systems work. Even if I don't tie it to your identity I can do tons of analysis based on your pattern of moving through the store. This is a big deal for people who design displays and customer flow patterns in a retail environment. I can also see if you only show up when we run sales on certain products, on certain days of the week, holidays, etc. Retailers are very interested in all this data.
posted by white_devil at 7:58 AM on March 28, 2013 [5 favorites]


Let's see here...

We show him in the bathroom for 30 minutes. Check the time code on the WiFi log, and we see he was browsing, oh, yuck, they have a site for that now? So why was he browsing that for 30 minutes in the bathroom? Oh, oh...

EWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWWW!
posted by Samizdata at 7:59 AM on March 28, 2013 [3 favorites]


Gaze trackers are hidden in tiny holes in the shelving and detect which brands you’re looking at and how long for each.

YOUR GAZE HITS THE SIDE OF MY BRAND. I wonder if my gaze will reveal what I think of a shop where the stock is all three sizes too big for me and everything's 80% off.
posted by octobersurprise at 7:59 AM on March 28, 2013 [1 favorite]


Exactly Whelk; you get the feeling that for all the consulting and cameras and IT support to monitor my internet and match it up to my license plate, they could have hired several cheerful employees who made it more likely I would return, you know?

What is also interesting is that the people you are gathering the most data on are, by definition, already frequent shoppers in your store. Why do you need to push harder to them? Clearly they already like what you are doing.

Though if you start creeping them out by spying on them all the time, that could change.
posted by emjaybee at 8:00 AM on March 28, 2013 [9 favorites]


The Whelk: "I often wonder abut the upper level of efficacy for marketing like this- at what point does it stop being effective or worthwhile?"

Yeah, well, I think the same. I remember when I used to be a assistant admin on an OS/300 machine. The execs would show up and say "I want a report that does foo." So I would do all the SQL and create report bar, and send it to said exec. Then I would wait a couple of days and check with the exec to see if the report was what they wanted. And I would find out they never looked at it.

The downside to all this panopticon society stuff is having the manpower to evaluate the data correctly.
posted by Samizdata at 8:06 AM on March 28, 2013 [8 favorites]


Some folks allow their devices (usually laptops/tablets) to connect automatically when they detect open wifi networks / free wireless hotspots. I believe it's a setting you have to enable manually in most if not all OS's.

I'm pretty sure that's incorrect. I checked my Android phone and there's no option to do that. It might have been an option in the software we were using in the early days of WiFi, but it's obviously a massive security hole if you turn it on.
posted by zixyer at 8:07 AM on March 28, 2013


Yet another reason why I make the choice to buy small business and local whenever possible - they still use the "talking to you like a real person" method for collecting data, rather than the "creepy as fuck spying on you" method.
posted by Rodrigo Lamaitre at 8:09 AM on March 28, 2013 [3 favorites]


I don't know of any OS that will automatically connect the first time. However, most if not all will auto connect to any known network the next time. So they may have to get you to manually connect to the GAP wifi the first time, but all future visits could easily be auto connected.
posted by COD at 8:24 AM on March 28, 2013


zixyer: " I'm pretty sure that's incorrect. I checked my Android phone and there's no option to do that. It might have been an option in the software we were using in the early days of WiFi, but...

*nod* But users can set it up in Android even if it's not offered as a native option, by downloading various apps like this one at the Play store which offer automatic connection to open wifi. It's not difficult to configure.

...it's obviously a massive security hole if you turn it on."

Definitely. But that hardly ever seems to stop anyone.
posted by zarq at 8:34 AM on March 28, 2013


It's something to always keep in mind if you're concerned about privacy - the party providing your internet connection obviously and by necessity can see everything that you are doing.

It's still quite a stretch to assume that once a consumer is on a retailer's WiFi network 1) that consumer has clearly "opted in" to having their every move around the store tracked, stored and probably resold to data-miners who'll combine it with other databases, and 2) the consumer has thus had their privacy concerns "allayed."

I agree it's not clear if the Cisco rep who's quoted there actually means that the mere act of taking advantage of a retailer's WiFi network automatically means a consumer has now opted in to a wide range of tracking activities. Here's the obvious question: should retailers mention the detailed tracking of consumers' behavior in the store aisles (and the fact that retailers can sell that data) as part of whatever pop-up screen appears when a consumer connects to the retailer's network?
posted by mediareport at 8:57 AM on March 28, 2013


It looks like mirrored sunglasses are suddenly a growth sector. Who knew?
posted by one more dead town's last parade at 9:02 AM on March 28, 2013 [3 favorites]


New app idea. When your wifi radio detects an AP that is not in the authorized list it automatically turns the radio off. You could add a hook for GPS so when it sees you're at home or work it turns on again.
posted by white_devil at 9:05 AM on March 28, 2013 [2 favorites]


Yeah, something has gone wrong in translation here, whether Consumer Reports is confused or Sujai Hejela is confused or whoever. Your cellphone can't automatically enter contracts without your knowledge.

What they could be trying to say is:

- If a customer clicks "accept" when connecting to WiFi, they'll have agreed to anything spelled out in the terms, even if it's unlikely they actually read it. So if they agree that the store can snoop on their browsing behavior, they can't object later (although they can and should shop elsewhere).

- Probably, if a consumer clicks "accept" the first time, and the terms say that they will be snooped on whenever they connect to the same store's WiFi even if their phone connects automatically the second time, they'll have agreed to that as well. So a WiFi router could examine the MAC address and say "this phone has connected to one of our stores before, we don't need to show them the terms of service again," and just automatically accept the connection. It might also be possible for routers in all the stores to look alike, so that your phone would recognize them and automatically connect even if you haven't been in that particular store before.

- So to take that a step farther, it doesn't just have to be other GAP stores. Probably if you connect to any Cisco device in any store, you could agree to be snooped on when connecting to any Cisco device in the future without additional warning. This is a great network effect from an evil-business perspective -- the more Snoop WiFi devices Cisco has installed, the more likely a given store can get a customer to automatically connect.

If you add that all up, you could actually end up in a place more or less like the article describes, where a reasonable number of your customers automatically connect to your WiFi without knowing that they've previously agreed to be snooped on. Fun.

Culture-jamming-wise, if this does take off it should be possible to spoof the Snoop WiFi signal and get customers to connect to your network (such as a cellphone in your pocket) instead of the store's network. Then you (where by "you" I mean "a 14-year-old boy") can serve up whatever warning you think is appropriate.
posted by jhc at 9:22 AM on March 28, 2013


It's pretty surprising how quickly this kind of thing has crept into our day to day lives, without much resistance. How long before privacy becomes a luxury product?
posted by davebush at 9:22 AM on March 28, 2013 [1 favorite]


Resistance is futile. You will be assimilated.
posted by Melismata at 9:40 AM on March 28, 2013 [1 favorite]


I honestly think that in any given company the marketing and customer service are zero-sum: the more time and money they spend on marketing, the less they spend on voluntary interactions with customers who seek them out. It's insane that if I try to contact them they'l throw every imaginable obstacle at me, route me through a voice menu system fit to have its own minotaur, and if I get a human he'll have been selected for the properties of epic ignorance in the company's products and incomprehensibility in the caller's language. But they spend shit-tons of money trying to fuck with me in ever more bizarre new ways when I'm not their customer and never, ever will be. This is just pure ass from beginning to end.
posted by George_Spiggott at 9:58 AM on March 28, 2013 [10 favorites]


Most of the folks using the wifi would be partners of the actual shoppers trying to keep themselves occupied. I guess you will have a growing bunch of barcode scanners who might do comparison shopping but tracking that would depend on the applications security and using secure methods can help. Tracking either of this does not bother me as long as they anonymize the users away or be explicit about the tracking (which is what they seem to imply through the opt in). I have no issues with the whole gaze tracking either *if* they can use it to optimize/make my shopping more effective without being overly intrusive. I would reckon the findings would be very very interesting.
posted by asra at 10:01 AM on March 28, 2013


ATT iPhones automatically connect to any ATT wifi hotspot without user intervention.

This isn't even close to new. However I agree with those who are skeptical that an auto-login could be recognised as any kind of consent.
posted by jacalata at 10:26 AM on March 28, 2013


designbot: "A lack of Wi-Fi won't prevent them from identifying you, Thorzdad.

The retailer tracking systems can identify individual shoppers by monitoring your phone’s International Mobile Subscriber Identity number (constantly transmitted from all cell phones to their service providers)
"

This is incorrect. GSM (the standard used in most of the world, and by T-Mobile, AT&T in the US) broadcasts a TMSI periodically. The IMSI is only used for the initial authentication to the network (i.e. when turning on the phone). TMSIs are temporary IMSIs and last as long as a user is at a given cell site. I don't know how CDMA (used by VZW, Sprint in the US, not much elsewhere) phones authenticate in this circumstance.
posted by Xoder at 10:27 AM on March 28, 2013


Tracking either of this does not bother me

I can't tell if this sort of casual attitude toward constant monitoring of individuals (which I often see in these sorts of threads) is just a difference in generations, or it's a result of naive non-cynical innocence, but either way I'm quietly horrified.
posted by Greg_Ace at 10:29 AM on March 28, 2013 [2 favorites]


Thank goodness Amazon doesn't track me.
Seriously though, this is appalling.
posted by entropicamericana at 10:32 AM on March 28, 2013 [1 favorite]


Okay, shut the phone off and put on sunglasses while shopping.

Thanks.
posted by Repack Rider at 10:37 AM on March 28, 2013


Haha, I can do way better than that. I'll be wearing my Faraday Burka™
posted by George_Spiggott at 10:43 AM on March 28, 2013 [4 favorites]


The author of this article seems to have read an already fluffed up Cisco press release, and inflated it all the way to a surveillance state nightmare. Also, if someone working at an "investment firm" says that the sky is blue, you should get a second opinion.
posted by Pyry at 10:53 AM on March 28, 2013


Okay, shut the phone off and put on sunglasses while shopping.

The open questions is whether I should "adjust" myself less, or more, while out shopping.
posted by rtimmel at 11:00 AM on March 28, 2013


Yeah, almost everything in the introduction is hyperbolic and unsourced:
Video cameras record your every move.
Really? My every move? Everywhere? Like, right now?
Your face and car’s license plate are captured and filed in searchable databases.
Oh no, searchable databases are the worst kind!

Later in the article, it says "your face and vehicle license plate can be linked". Wait, they can be or they are? I find it very unlikely that my local Target employs face-detection software to link parking-lot footage of my license plate to my face, and then looks up my DMV records to determine my identity, then tracks me throughout the store. Why would you do that? I'm going to pay with a credit card that has my name on it, for Pete's sake.
Hidden cameras classify you by age, sex, and ethnicity, and even detect your body language and mood.
Really? Really. This is a standard practice for stores now. Really?

Later in the article: "When you look at onscreen video ads, they might be looking right back at you. Tiny pinhole cameras can be built into the monitor. Facial-detection technology determines your age group, sex, ethnicity, and maybe even your mood, so it can serve up a message targeted to you… Vendors, analysts, and critics say big retail chains commonly use digital signage, but the stores we checked either denied it or didn’t respond to our inquiry."

Where do you sit and stare into a monitor displaying onscreen video ads? Are they talking about TV's in the grocery checkout line? "Critics say big retail chains commonly use digital signage"—this is very different from saying they commonly use tiny pinhole cameras that employ super-advanced analytics just to display different ads based on your age, sex, ethnicity, and mood.
Even your bank account records are being pried into.
By who? For what? This isn't mentioned again in the rest of the article.

Consumer Reports lost all credibility with me after that whole "Antennagate" business. This is just really shoddy reporting.
posted by designbot at 11:30 AM on March 28, 2013 [3 favorites]



The walls malls have ears eyes

posted by mmrtnt at 11:46 AM on March 28, 2013


ATT iPhones automatically connect to any ATT wifi hotspot without user intervention.

FWIW, I have an ATT iPhone 3Gs. Possibly, I've just never encountered the right kind of hotspot, but every open ATTwifi network I have encountered (a local one, and a few I've encountered traveling), has asked me to log in first.
posted by octobersurprise at 11:48 AM on March 28, 2013 [1 favorite]


I want to modify my Wifi signature to broadcast whatever data is necessary to get them to give me free chicken. I'll have to study up on how incentive programs are coded and how to game them, but seriously, if stores want to learn about me, first and foremost, I fucking love chicken. Also, I like it to be free and brought out to my house.

...say, who wants to program an app for me.
posted by Uther Bentrazor at 11:51 AM on March 28, 2013 [6 favorites]


It's pretty surprising how quickly this kind of thing has crept into our day to day lives, without much resistance. How long before privacy becomes a luxury product?

It's kind of interesting how the privacy-invading technologies really took-off along with the "privacy is dead" mantra. It's almost as if it was coordinated in some way...
posted by Thorzdad at 12:09 PM on March 28, 2013 [1 favorite]


I just noticed the other day that I was connected to an "attwifi" network. I was not asked and I was pretty shocked. Presumably the phone is shipped with "attwifi" preset as a "known network", and therefore if you have "ask" set to off it will just connect. If this is based on SSID alone with no other verification that it is an ATT operated station then this is irresponsible in the extreme. Any clown can set their SSID to "attwifi".
posted by George_Spiggott at 1:21 PM on March 28, 2013 [1 favorite]


I work for a company that develops eye tracking hardware and software. While I'm not involved in the analytics part of the company, I can assure you that there aren't any eye tracking pinhole cameras spying on you in stores, mainly because eye tracking hadware is still goddamn expensive. Not to mention that it has to be individually calibrated to give any meaningful eye tracking data.
posted by ymgve at 6:26 PM on March 28, 2013 [2 favorites]


This is not happening at Trader Joe's I can assure you.
posted by schyler523 at 7:53 PM on March 28, 2013 [1 favorite]


Any clown can set their SSID to "attwifi".

This also works for the aforementioned Nintendo 3DS- set your SSID to "attwifi" and leave it open and your 3DS will connect to it automatically. It can't tell the difference.
posted by Pope Guilty at 8:38 PM on March 28, 2013


Re: privacy as luxury product.

It already is. For example, Gmail vs. Fastmail.
posted by aniola at 9:08 PM on March 28, 2013 [1 favorite]


Some Kroger stores have started using tracking technology in their stores over the past year in order to follow customer traffic and predict when they'll need additional lines open. If the system is installed at the store you'll see TV screens with three numbers: how many lanes are open now, how many lanes should be open, and how many lanes should be open within 30 minutes. I think, but I'm not sure, that managers get alerts on their phone when the numbers change so they know when to add or remove people from checkout.
I can't say I've noticed any greater efficiency at the stores where I shop, but I guess it would prevent those situations where mega lines form at busy times. I also wonder what other kind of data they can gather. Do they build customer profiles? Can they correlate your movement through the store to your rewards card when you checkout?
posted by arcolz at 1:10 PM on March 29, 2013


I'm with Bentrazor. How do we exploit this idiotic trend to get discounts and free stuff? What's the threshold for being offered 30% off? Look at something four times but don't buy it?

Also: SEARCHABLE databases? Whwhwhwhwhaaaaaat???!?
posted by ostranenie at 6:48 AM on March 30, 2013


octobersurprise: "Gaze trackers are hidden in tiny holes in the shelving and detect which brands you’re looking at and how long for each.

YOUR GAZE HITS THE SIDE OF MY BRAND. I wonder if my gaze will reveal what I think of a shop where the stock is all three sizes too big for me and everything's 80% off.
"

And this is why I love to borrow/swap/lend shopper cards.
posted by Samizdata at 3:49 PM on March 30, 2013


« Older The moment has been prepared for.   |   Are you a giver, a matcher or a taker? Newer »


This thread has been archived and is closed to new comments



Post