Ric Merrifield appears quite enthusiastic about the potential for customer or patient tracking, and has four recommendations for how to make it work well, beginning with:
When possible, let customers opt in or out. For most location-tracking services in consumer businesses such as retail or entertainment, customers need to understand what’s in it for them, and they should be allowed to decide whether to participate.
Remember the FTC’s settlement with Nomi? Nomi promised consumers they could opt-out but its clients – the stores – did not always provide notice and the opportunity to opt-out. So Nomi caught the FTC’s attention for making promises it didn’t keep. Then, too, I recently reported that Nomi had a misconfigured database that raised concerns about the security of data it was collecting. While Nomi claims it doesn’t collect and store personal information, MAC addresses of older phones are persistent identifiers that could be used to surveill people – customers and employees – and develop a pattern of their daily routine.
So why should opt-out be “When possible…” instead of requiring opt-in? Why isn’t it mandatory that our consent be obtained to track us as customers? If you make it advantageous to us to be tracked, we will likely consent. But if you impose it on us…. it’s just creepy, and I’ll likely stay away – that is, if I even know you’re doing it.
Entities should be required to have signs notifying those who enter that the entity would like consent to track them on the premises and how to opt-in. Absent my consent, do not track me.
Read more on Harvard Business Review.