Shops are spying on you – but does it bother you?

Which shops are monitoring GSM signalling? How do they match the phone’s IMEI number to the shop customer? They wouldn’t know the identity of a customer from a phone’s IMEI number. Only a mobile network would be able to do this. It sounds rather far-fetched.

I often use free wifi in many retail businesses, for example O2 and The Cloud. I realise that my visit to each business will recorded by my use of the wifi, but this is the price I pay for using the wifi, so I don’t mind.

Patrick Steen says:

May I give you a recent example… I went to a certain fast-food restaurant of an evening. The next day I was served with a survey from ‘Google Rewards’. I use an Android phone and use this App to earn a bit of money answering surveys. The survey asked me if I was in said fast-food restaurant at said time on said day. I didn’t answer, but Google/fast-food restaurant knew where I was.

Matt Clear says:

Hi NFH – that’s correct, they wouldn’t know your identity from that number – however, they would be able to know how often the user of that phone visits the store, how long they spend in there and how they move around the store. A company called Path Intelligence uses this technology in around 40 shopping centres across the UK, though they wouldn’t tell us which ones specifically.

wavechange says:

I wonder how clever these companies are with interpreting information about individuals. Will they manage to work out that I left without buying anything was because I did not appreciate having to listen to piped music? I hope so.

Sophie Gilbert says:

Something my mother and I love doing when we go past ridiculously expensive items in a department store is to point at the price tag and laugh with our mouths wide open holding our bellies, all silently and with exaggerated gestures, and then walk away, hoping that the CCTV cameras will pick us up. Now that we both finally have smartphones and after reading this article we’ll probably do that even more often.

Tom Wills says:

This article on SpyBlog some years ago said Path were capturing TMSI — a temporary ID number assigned to your phone when it picks up a signal — rather than IMEI. Perhaps Matt has more recent information?

dieseltaylor says:

Might I suggest that when you pay for something that the proximity to a till and your payment card timing would work fine if they wanted to ID you.

BTW the second link takes you to an archived copy
Which? Archive
This article, Protecting personal details, was last updated on 30 July 2008 and is now out of date and held in our online archive for reference. Explore our latest Technology articles.

Alex Toplis says:

Thanks for spotting that one Dieseltaylor. I’ve removed it and added a different link further up the article. It’s about security tips when using public wi-fi so will be a little more useful. I’ve also added a link to the best and worst high street shops in the useful links section 🙂

wavechange says:

Ever since Google Street View arrived it has been obvious that Big Brother is watching us and there is little we can do about it unless the surveillance is illegal or we can introduce legislation to make it illegal.

I’m happy with surveillance if it helps to catch shoplifters and deter crimes such as assault on staff and other customers.

I wonder how much this monitoring of our behaviour costs, though it is obvious that customers are having to pay for being watched.

NFH says:

Google Street View is not surveillance. It is a one-off snapshot of public places, the same view that can be seen by anyone.

wavechange says:

It might not be surveillance but many are not very impressed by the invasion of personal privacy, which is an important factor in surveillance.

NFH says:

I don’t see how Google Street View is any invasion of personal privacy. It is only a snapshot of what can already be viewed from public places.

Last year I saw the Google Street View car while walking along a main road. I remembered the place, and several months later I managed to find myself on Google Street View. I don’t have a problem with this. I was in a public place and in any case Google blurred out my face.

wavechange says:

I’m not concerned either but there were a lot of protests when Google introduced the service and many are still not happy with it. Rather than acting professionally and checking photos for faces and registration numbers, Google waits for complaints. A couple of my nephews appeared on Google Earth and so did the my neighbour’s car parked on the drive, neither faces or the number being blurred.

There were many complaints back in 2009 (some information is still online) but now most of us just accept the loss of privacy.

I have no problems with surveillance in shops in connection with crime, but I do wonder what shops might do with what information they collect. Perhaps I shall leave my phone at home next time I visit Tesco.

NFH says:

I don’t understand why people aren’t happy about Google Street View. Nearly all faces and number plates are blurred out. Compare this to Yandex Panoramas (Яндекс Панорамы), the Russian equivalent of Google, which doesn’t blur out faces or number plates in any of the countries that it covers.

The Germans seem to take particular exception to Google Street View. Try looking at Berlin, including very prominent places such as Checkpoint Charlie, and you’ll see lots of buildings greyed out because residents have requested this. Although I admire the Germans’ approach to privacy, they take this to an unreasonable extreme when it comes to Google Street View. Consequently Google discontinued adding new German cities to Street View.

Patrick Steen says:

Have you ever been on Google Location history? As I have an Android phone, it uses my location. I’ve just been having a look and it has all my historical journeys, including me going from home to work etc etc. It’s a bit creepy and I’m going to delete all the data: https://maps.google.com/locationhistory/

wavechange says:

You can turn off this feature, Patrick. https://support.google.com/accounts/answer/3118687?source=gsearch

NFH says:

Patrick – I have an iPhone but used to use Google Latitude before it was discontinued in 2013. I opted in to Google recording my location history. I found myself often wanting to know when I had been to a particular place, and this location history was a very useful reference. Now the iPhone optionally records one’s location history locally on the device under “Frequent Locations”, which is equally useful and is not stored on a third party’s server.

Patrick Steen says:

Thanks Wavechange, I had it turned off for one google account, but not the other. All off now 🙂

clint kirk says:

I’ve turned off Google Location History a long time ago, but when I had it on I found that it was recording that I had travelled 523 miles while I was fast asleep in my bed. What was happening was that it couldn’t pick up a GPS signal indoors, but was hopping between several mobile phone masts throughout the night and recording those as journeys.

John Ward says:

I suppose his has its uses for people needing to set up an alibi – they can send somebody out with their Android. Not that I require this facility at the moment.

wavechange says:

I cannot really imagine you out and about with a robot that looks like a human, John.

John Ward says:

Always one step ahead, Wavechange!

No, obviously I meant “Android phone” as frequently promoted by Patrick. I wouldn’t mind having a personal robot though, especially if I could navigate it from the comfort of home and transmit instructions to it while it was working for me.

dieseltaylor says:

Kingsgate Shopping Centre Huddersfield

” If visitors want to use the centre’s free wifi, they are asked to hand over information. To sign in they’re encouraged to use social media services such as Facebook, and agree to giving Purple wifi access to elements of their Facebook account, including their email address and likes. This information can then be used to target bespoke emails.

“What we can do is target our marketing more specifically,” said centre manager Jonathan Hardy. “What it will enable us to do in future is to say to loyal customers, to specific genders or age groups…. we have these offers on at this specific shop that will appeal to you.”

Using the free wifi also means shoppers “like” the Kingsgate’s Facebook page, meaning its Facebook posts will appear on shoppers’ friends’ newsfeeds.”

From Channel 4 program 25/3/14
channel4.com/news/shopping-centre-wifi-tracking-spy-data

I routinely keep my phones off as I only wish to use them when I want to call people.

Lady London says:

Be careful, technically phones can track you even if it it switched off. To make sure you would need to remove the battery.

dieseltaylor says:

I ought to mention perhaps that I have been receiving Mobile Commerce Daily since May 2014 so actually have a raft of information on developments from the Commerce viewpoint. It tends not to mention the data leaks and privacy issues.

The European experience during the last century and the treatment of Dr. Kelly make many people question how much should you trust the “Government” with all information. Whistleblowers need protection and if we are all logged somehow somewhere that may well discourage citizens from spilling the beans to the detriment of society as a whole.

If we are to increasingly monitor people then we need to make sure people are fully aware that commercial entities do not deserve the same “trust” as the Government. There is a lady AFAIR in the US who is maintaining we should be paid by the marketing companies to study our habits not get a free ride off our data and them be able to sell it interested parties..

Howard T says:

Perhaps it’s my age but I find such actions intrusive and rather insidious just as I find that if I’ve looked for a product online I then get bombarded with adverts for that product. It all smacks of Big Brother.

NFH says:

You can do a lot to prevent this by automatically deleting your cookies every time you start your browser. Cookies are the means by which web sites track the web sites you have been looking at or to which you have deliberately authenticated. Try using Firefox and install an add-on called CookieCuller. Every time you start Firefox, CookieCuller will delete all of your cookies except for those you specifically choose to preserve, for example because you don’t want to have to re-log into a particular site every time you use your PC.

wavechange says:

It should be the default NOT to track us. If we want targeted advertising we should have to opt-in, just like we should have to opt-in to receive marketing calls and to be tracked via our mobile phone.

clint kirk says:

Wavechange, there is already a “do not track” request sent with the HTTP headers of most modern browsers, so what you say is supposed to be already in place. Unfortunately, in practice, this doesn’t seem to work because it relies on websites to voluntarily respect your “do not track” request.

Roy D Christon says:

Age concern bothers me, why does a charity shop need this .why waste the charity money on something like this when it does not benefit those who need it. I will no longer support them by donating or supporting them through this blatant waste of donated money.

stubbles says:

Several years ago the BBC regional news program for this area reported that one of the main shopping centers in one of our cities was using this technology. The owners of the center said that there was a sign up at the entrance to inform people about it. But the sign was so small that when shoppers were asked if they had seen it they all said ‘no’. There was a big outcry about it and in the end the system had to be turned off due to public demand and people avoiding the shops. So I’m suprised that the industry has still pushed for this invation of personal privacy to go ahead.

There needs to be a new law that says nothing can be introduced that automatically opts people in to something, even if they have the right opt out. Everything must be ‘opt in’ only. This is a basic human right. Nobody has the right to opt anybody in to anything without asking first.

Many people don’t know about tracking in the first place so they can’t opt out and why should they have to spend there time doing so anyway. As for people being tracked as they walk passed a store without even going inside, who would bother spending time to opt out of that ? So we end up being monitored even if we don’t want it. It has to be stopped and made into opt in only. That’s not all bad for the store because they can use incentives like offers to get people to sign up to tracking.
I hope Which? will campaign for an ‘opt in’ only law for everything.

John Ward says:

24 March 2015

We are celebrating the 800th anniversary of the Magna Carta this year. It needs updating: “Except by the will of Parliament the Citizen shall not be opted-in to anything without their express consent”.

wavechange says:

27 March 2015

Ah yes. Magna Carta, also known as Magna Carta Libertatum (Latin for “the Great Charter of the Liberties”). With all this surveillance, perhaps too many liberties have been taken.

Patrick Steen says:

I was bemused when I had a receipt asking whether I’d like a test to see if I had a cold/flu after buying some cough sweets from Boots. What next, a receipt asking if I’d like dietary advice if I buy a Snickers?

John Ward says:

24 March 2015

Knowing the personal and intimate things available in Boots the mind boggles.

A responsible health shop and pharmacy wouldn’t sell chocolate bars and othe foodstuffs devoid of goodness.

macca says:

24 March 2015

they dont just spy they use details and bomb ya with sales calls and junk mail then sell your details to other call centers

Davy Nook says:

I bought a smartphone case very cheaply from China which acts as a Faraday cage to slip in the smartphone. It means that you are “incommunicado” for the duration but is useful if you wish to frustrate any followers and its use is not an onerous habit to acquire.

John Ward says:

For generations schoolboys up to no good have been on the lookout for something that will make them invisible and frustrate followers. As their escapades evolve in the digital age I think you’ve hit on the closest possibility yet.

wavechange says:

You would need to bring Harry Potter into the 21st century, John.

Beryl says:

In Japan it is not at all uncommon to see people wearing white masks. I was told they were them if they have a cold to stop it spreading or if they suffer from allergies. I am not sure what the response would be if I walk into Waitrose incognito wearing one of these if I explain to them I am wearing it for health reasons and I am also allergic to the scent emanating from the perfumed candles and sprays on display!

John Ward says:

We noticed a lot of Asian tourists [possibly Japanese] in Italy last year wearing masks. I wasn’t sure whether they were protecting themselves against the pollution of Napoli or protecting others from their own infection. In view of the numbers involved I deduced it was the former. They seemed content to wear the masks for much of the time, as though it were habitual and the usual practice in their own country. A change of atmosphere, even without pollution, can cause a reaction; even going from Norfolk and spending a few days in London I notice the difference and am glad to get home, but I don’t think I would wear a mask. I’m not referring to Waitrose here, but I should appreciate it sometimes if the staff on the deli counters and other open serveries would cover their mouths and noses. The glass counter screens in the post office are a good demonstration of how airborne infections can proliferate.

John Ward says: