Bold Business Logo

Geofencing and the Consumer – An Unreasonable Privacy Violation

For many, the term geofencing may not be something with which they are familiar. That’s not surprising, since its use on a larger scale has only been around the last few years. In essence, the term refers to accessing location data and search data on electronic devices at specific places and times. This has notable advantages for businesses trying to market to specific geographic segments. But increasingly, geofencing is being used for much, much more. In fact, its use has become rather routine for law enforcement today in an effort to identify potential suspects. But this is raising significant invasion of privacy concerns among many consumer and citizen advocacy groups.

(Data is the new oil for the Digital Age–read more in this Bold story.)

As American citizens, we each have the right to privacy and freedom from unreasonable searches and seizures. The U.S. Constitution guarantees these rights and protections in the Bill of Rights’ Fourth Amendment. But when it comes to geofencing, it seems these protections are being thrown out the window. Anyone who happens to be in a specific area at a specific time is at risk for an invasion of privacy concerns. How did this happen? The answer is a bit convoluted, but the bottom line is that citizens and consumers alike need to demand change. If we don’t, all of run the risk of indiscriminate access to our private data that could lead to our own demise.

“If the Government is to continue to employ these [geofencing] warrants, it must take care to establish particularized probable cause. As the legal landscape confronts newly developed technology and further illuminates Fourth Amendment rights in the face of geofence practices, future geofence warrants may require additional efforts to seek court approval.” – Judge Hannah Lauck, U.S. District Court, Eastern Virginia

The Rise of Geofencing

Most businesses that have used Facebook or Google ads have likely relied on geofencing to target a consumer market. As soon as they set the mile-radius of their targeted ad, they’re employing this technology to find specific consumer segments. This allows people in a certain area to receive ads about local happenings and offerings. In essence, Google and many other tech companies leverage user location and search data to drive ad conversions. But since 2018, tech companies haven’t been the only ones interested in this information. Increasingly, law enforcement agencies are seeking this data to help them solve crimes. As a type of “reverse search,” it greatly increases their ability to find potential suspects by casting a large net.

some geofencing/cybersecurity thing going on
Geofencing is a great tool when used correctly–but guess who abuses it?

In order for law enforcement to access this data, they first must obtain a warrant from a judge. Interestingly, however, this isn’t much of a barrier as such warrants are routinely provided without invasion of privacy concerns. Once obtained, law enforcement approaches tech corporations and demand that they hand over user data. This data not only includes users in a specific location at a specific time. It also includes users who searched specific keywords in that moment as well. Google specifically has claimed a quarter of all legal requests today are geofencing requests. They not while such requests were less than 1,000 in 2018, they now exceed 11,500 annually. And unless you’re targeted as part of these investigations, you probably are unaware your data was ever considered.

“In dense, urban communities like the ones I represent in Brooklyn, hundreds or thousands of innocent people who merely live or walk near a crime scene could be ensnared by a geofence warrant that would turn over their private location data. And keyword search warrants would identify users who have searched for a specific term, name or location.” – Zellnor Myrie, New York State Senator

Constitutional Invasion of Privacy Concerns

The Founding Fathers of the nation recognized the power of unrestricted access to citizen information. Their invasion of privacy concerns is what prompted the drafting of the Fourth Amendment. This amendment protects the rights of individuals to be secure in their homes, persons, and effects from unreasonable searches. And while the Constitution certainly didn’t mention cellphones or electronic devices, these do apply. In 2018, the U.S. Supreme Court ruled individuals had every right to expect reasonable privacy protections in their devices. But the ruling didn’t stop law enforcement or corporations. It simply encouraged the use of warrants and user agreements as a way around these obstacles.

From a consumer side, geofencing takes user data and information to alter online experiences. Whether it’s Google, Facebook, Amazon, or others, user data enables a more targeted interaction with consumers. In some cases, this data is even sold to third parties who use the data to their business advantage as well. But the real invasion of privacy concerns involves the potential criminal repercussions. When law enforcement uses geofencing warrants, they capture data without any probable cause from innocent bystanders. While courts are beginning to rule in this direction, the practice remains widely used nationwide. And in some cases, these privacy violations have led to significant detriment to blameless individuals.

Reeling in Unlawful Surveillance

In 2019, over 15 billion data breaches and cybersecurity attacks where personal information was exposed. In the same year, 46 billion people were victims of identity theft. In 2018, a man in Avondale, Arizona, was arrested and jailed for six days based on geofencing data for a murder he didn’t commit. In the process, he lost his job, had to drop out of night school, and had his car repossessed. The one thing all of these events have in common is the unconstitutional violation of our privacy. Geofencing is simply the latest technique being used to see just how far these types of actions can go. And it specifically should be triggering invasion of privacy concerns among us all.

(Read up on how businesses are muzzling cyberattacks in this Bold story!)

Without question, consumers and citizens need greater privacy protections today. Governmental protections have failed to keep pace with technological advances. Likewise, businesses and corporations have neglected their ethical responsibility to protect their customers. From legal and moral perspectives, it seems quite clear that practices like geofencing without clear individual consent is wrong. Thus, it’s essential that we recognize the unconstitutionality of these practices and demand change. How this change evolves remains to be determined. But our invasion of privacy concerns must encourage progress in this area if we hope to preserve our inherent rights.

Time for Businesses to Step Up

Understanding the landscape, it’s quite clear that businesses need to play a significant role in protecting consumer privacy. Big tech companies have ethical and moral duties to uphold consumer rights as citizens and self-regulate themselves. They also have deep knowledge of the actual privacy threats that exist, and they have the means to address them. Unfortunately, these same companies are often the ones violating consumer protections. Many use geofencing techniques to target ad campaigns to specific consumer groups. And some provide this data to third parties, further undermining consumer trust and safety. If we truly want to address this issue head-on, businesses must acknowledge and embrace their privacy protection responsibilities.

(Self-regulation in the digital world? Yes, it’s real, and real successful. Read more in this Bold story.)

“The discretion companies can exercise when it comes to information privacy and the ethical implications of this discretion entail that information privacy is a question of corporate morality.” – Irene Pollach, Aarhus School of Business, University of Aarhus

Geofencing and Keyword Search Practices

When it comes to protecting consumer privacy, safeguards against hackers, ransomware, and malware are certainly important. In the U.S., companies must now comply with the Federal Trade Commission’s data protection laws in this regard. If they do not honor these privacy protection responsibilities, such companies may be subject to major fines. But these are not the only threats to consumer privacy today. For many years, Google, Facebook, Amazon, and others have used geofencing and keyword search data for targeted marketing. In essence, these technologies locate consumers by location using GPS locators on their electronic devices. Or they target them by the specific search terms they use when surfing the Internet. These are common practices that steal consumer data as well.

Some dude doing something sketchy with a laptop
Who would you rather handle cybersecurity and geofencing–a business whose success is predicated by making the consumer happy, or the government?

While geofencing and keyword search data may not seem as invasive, they can be. The information gleaned from these practices reveal a great deal about a person. In fact, law enforcement has been securing geofencing warrants lately to help them locate potential suspects near a crime. In addition, as consumers return to brick-and-mortar stores in a post-pandemic world, several retailers are tapping into these practices. By knowing a person’s proximity to the store, they can push specific ads to their smartphones. But is this really attending to privacy protection responsibilities of their customers? Are they really protecting consumer privacy, especially when this information is offered to others?

“The ‘surveillance advertising’ business model is premised on the unseemly collection and hoarding of personal data to enable ad targeting. This pernicious practice allows online platforms to chase user engagement at great cost to our society…” – House Representative Anna G. Eshoo of California

Current Efforts Insufficient and Inadequate

This is not to say that Big Tech isn’t investing some energies in protecting consumer privacy rights. Apple’s latest version prevented the use of unique device data for tracking purposes among sites. Prior to this, even Apple customers who refused access to personal identifiers couldn’t prevent device tracking tactics. This simple move was enough to cost Facebook millions in share-values because of the impact it had on its advertising. But while this is a step in the right direction, it’s hardly enough, not to mention only one company. If Big Tech is going to take their privacy protection responsibilities seriously, much more is needed. Not only should consumers be better informed, but companies must be more transparent and proactive.

A government dude talking cybersecurity
Remember when the government handled all of our cybersecurity issues and neutralized all threats? Yeah, me neither.

In terms of geofencing warrants, several Big Tech companies have stepped up to condemn the practice. In 2013, several formed the Reform Government Surveillance group, which now has 11 members. The group together oppose geofencing warrants because they believe it violates Fourth Amendment rights. But this isn’t the only motivation. Google led the list of members that had to respond to geofencing warrants in 2020. Thus, Google stands to save some internal costs and headaches by supporting such legislation. Likewise, the company had said nothing about curbing its own geofencing strategies for marketing purposes. If Google and others are truly interested in protecting consumer privacy, this would also be a priority. Instead, it appears they’re doing the minimum when it comes to their privacy protection responsibilities.

“Privacy involves many parts of the business, and the right technologies, ideas, and talent have to be used in order to make this a successful endeavor.” – Anna Garcia, Chief Data Privacy Officer for IKEA Spain

CSR Includes Protecting Consumer Privacy

There are plenty of companies that invest in their privacy protection responsibilities. In fact, many corporations have data privacy officers and pursue greater consumer transparency. But at the same time, many others take a more superficial approach to protecting consumer privacy. From a business perspective, this will likely come back to haunt them. Surveys suggest that more than 70 percent of consumers opt to patronize companies with their privacy rights in mind. But the motivation for businesses to prioritize privacy rights should originate from a more ethical base. Government actions and consumer self-efforts are important, but businesses must take on the bulk of the work. This reflects true corporate social responsibility, especially since businesses are best suited to identify and implement the most effective solutions.

 

Bold is big on letting businesses get things done and having Uncle Sam butt out. Did you know there’s a ban on whipped cream in New York?

First They Came for My Whipped Cream: A Story of Governmental Overreach

A story made the headlines over the last few weeks about a law in New York involving a ban on whipped cream. Many grocery and convenience stores had begun asking for age identification for people wishing to buy canisters of these products. As it turns out, the law was actually passed in November of 2021 and sponsored by a New York state senator, but its enforcement didn’t occur until recently, which prompted many stores to adopt new policies.

Naturally, New York’s whipped cream law had some underlying good intentions. Senator Joseph Addabbo advocated for the bill’s passage last year in an effort to curb teen drug habits. Inside these whipped cream containers hides small amounts of nitrous oxide. If nitrous oxide is inhaled, one can enjoy a brief moment of euphoria that can actually be addictive. And according to Addabbo, the issue was quickly becoming out of hand in his district. But good intentions alone rarely guide the best course of action, especially when resources are limited. And it’s times like these we need to step back and reassess the logic of our actions.

“Sadly, young people buy and inhale [nitrous oxide] to get ‘high’ because they mistakenly believe it is a ‘safe’ substance. This law will eliminate easy access to this dangerous substance for our youth.” – Senator Joseph Addabbo

A Closer Look at New York’s Ban on Whipped Cream

Before we look at the rationale behind New York’s whipped cream law, it’s perhaps even more important to examine the actual statute. Indeed, the law does impose a ban on whipped cream, but it doesn’t do so on grocery store products. Instead, it actually prohibits the selling of whipped cream chargers to those under 21 years of age. What’s a whipped cream charger? Better known as whippets, these chargers are small 2-inch long cannisters are used to aerosolize whipped cream cans. Thus, while whipped cream cans do have nitrous oxide, that’s not the item cited in the law. In actually, New York’s whipped cream law only pertains to nitrous oxide cannisters called whippets.

Given this, it’s immediately clear that grocers and convenience store owners have misinterpreted their responsibilities. Certainly, makers of Reddi-Wip and other whipped cream products aren’t too upset about this. After all, the publicity alone can’t hurt. But at the same time, it highlights how we as citizens and consumers accept some of the silliest legislation as reasonable. Perhaps there may be some rationale to preventing teens from accessing whippets. But a ban on whipped cream in total is far from logical or even practical. Yet here we are with food stores all over the state changing the way they screen whipped cream purchasers. Misinterpreted or not, New York’s whipped cream law shows just how ridiculous some governmental policies are.

“I know it does seem silly, but we definitely see that there are certain teenagers that are abusing cans of whipped cream.” – Erica Komoroske, Spokeswoman for Stewart’s Shops

Getting Legislative Priorities Right

Without a doubt, teen addiction is something deserving of our attention. No one would argue that point. Based on statistics from the National Institute on Drug Abuse, nitrous oxide addiction is a thing. Of children and teens between the ages of 12 to 16 years, roughly 4% have tried nitrous oxide. But in addition to its pleasing “high” and anti-anxiety effects, it can cause some negative adverse reactions. In the short term, it can cause blood pressure to drop and even cause heart problems. Longer term, it has been linked to memory loss and mental health issues. These were the things that the New York whipped cream law hoped to prevent. But a ban on whipped cream cartridges or cannisters is hardly to be very effective.

Contraband all lined up
Yes, the New York Whipped Cream Law is real. Yes, it’s also a joke.

Let’s look at this issue from a larger perspective. Child obesity is a tremendous epidemic affecting a third of children. A diabetic epidemic among youth also exists. These are associated with a much broader array of health problems when compared to whippets. But to date, no state has placed restrictions of sugary food substances or high-fatty foods. In fact, none have placed a ban on whipped cream either. From a different perspective, legislation has yet to require mental healthcare coverage for all Americans. Understanding that mental health issues likely underlie nitrous oxide abuse, prevention efforts to begin with make much greater sense. By these comparisons, New York’s whipped cream law looks ridiculous. Of all the possible solutions addressing child and adolescent health problems, a ban on whipped cream is not the answer.

(Read about the diabetic treatment and a new approach to gut health in this Bold story.)

“Requiring age verification when purchasing whipped cream is another classic compliance burden placed on convenience stores in New York State.” – Kent Sopris, President of the New York Association of Convenience Stores

Constraining Business Innovation

Legislation like the one involving New York’s whipped cream law wastes precious resources. The most obvious ones involve the time state lawmakers spent time sponsoring, recruiting, and lobbying for its passage. Taxpayers’ dollars supported all of these efforts for a ban on whipped cream cartridges that isn’t likely to be of value. But does the law even make any strides to solve the issue it cites? If teens have little problem skirting around laws against alcohol and marijuana possession, how effective can this law be? This is certainly the case as cannabis legalization advances. All of this suggests New York’s whipped cream law has been a tremendous waste of time and energy.

There is also a much large issue at hand related to New York’s whipped cream law that involves businesses. The real victims of the ban on whipped cream sales to date have been grocers and convenience stores. They are the ones who had to deal with the confusing details of the law and impose new policies. The effort spent on the ban of whipped cream detracted from other pursuits that might actually be of value to their customers. As is the case with many governmental actions, excessive oversight diminishes opportunities for creative innovation. New York’s whipped cream law is the perfect example of a statute that imposes opportunity costs on business. Not only is it not business owner’s responsibility to oversee individual teens behavior. It’s also not their responsibility to be the enforcers of laws that undermine their ability to compete in the marketplace. A ban on whipped cream might be a small step in that direction. But if businesses refuse to push back now, it may come back to haunt them later.

 

Want to control your cost efficiency and protect your bottom line? Bold Business can help.