Access to location data: ethical business tactic or privacy violation?

others   |   
Published January 7, 2020   |   

It’s not uncommon for working professionals like you and me to come across ads on the internet. Almost every website you visit or app you use does location-based advertising. While sometimes we feel treasured for all the tailor-made ads that make our lives easier, this has a whole other shady side to this. This article is going to be a mix of arguments (for and against) location-based targeting aiming to debunk the myths around data collection, the privacy of the user, what’s fair and unfair, and more. On one hand, location data helps in easily navigating to virtually any destination possible from the current location, quickly grab a bite of your favorite food through pop-up ads when you’re at a location close to the restaurant, and more.

But, is this the right approach? As a user, have you ever thought if you have given consent to the use of this information? What if instead of a restaurant, some other person has access to your location and has a high chance of abusing the data?

Ryan Calo, an assistant law professor at the University of Washington and an affiliate scholar at Stanford’s Center for Internet and Society says, “In the early days of Nest, some of the employees would try to figure out where another employee was, and they’d look at the network to see if that person was home or not,” he says. Google, which now owns Nest, declined to comment. Read the complete Bloomberg article to know how privacy gadgets use our data.

Locations data is not a regulated industry

This means there’s no law that defines what’s ethical and what’s not. So, this gives people who use locations data too much power, so much that it results in abuse and breach of private and unsolicited information. But, for the ease of communication and improving user-experience, the use of information to a certain extent that does not creep the user out, is permissible. Now, there is no law that defines what is permissible, right? So, how do we know this?

What’s permissible?

The only right answer to this is letting the consumer decide. Whether all companies that collect data do this or not, this would certainly be the right thing to do. As for the apps and other companies that utilize location data to improve user experience, they must get the consent of the user through explicit privacy policies.

These policies must clearly state how exactly this data is going to be put to use and to whom it would further be shared. Also, the users in the present day, are not really aware of what’s buried deep beneath the checkboxes that get the consent of the user. More often than not, users of a particular app or service do not read these policies in detail before signing up.

While it is only fair to say, the users were not proactive and careful –  as data collectors, you also have a partial responsibility in insisting on doing so being aware of generic user behavior. If you intend to use and pass on the data, let the user know somehow. You can probably highlight the most sensitive portions of the privacy policy with multiple carousels and finally include a learn more hyperlink that has the least important or sensitive disclaimers.

The difference between what is considered fair and unfair.

Let’s say, Ted loves burgers. He’s often spotted at a burger joint in the city having his afternoon meal, every day for the past six years. Occasionally he has burgers delivered by a food delivery app from the same burger joint at his workplace or on the days he’s at home. Now, the food delivery app has access to Ted’s locations. This necessarily means they have complete knowledge about where he goes and how often. The app has Ted’s consent to further distribute data to its partners and utilize the location information to enhance Ted’s experience with the food delivery app.

The app has been tracking the movement of Ted and some trends were identified. He seems to have been visiting a diabetic center every week for the past nine months. A brand, let’s call them “Diatal” has partnered with the food delivery app for users’ location data. Diatal sells zero-calorie sweeteners – most ideal for people with diabetes.

One afternoon when Ted was walking towards the burger joint, he gets a cold pitch (text message) from Diatal that read “ Hi Ted! Are you visiting your favorite burger joint? Let me tell you this, people with diabetes must be watchful of what they eat and junk is not such a healthy option. We can help you with a revamped diet plan and the perfect alternative to sugar”.

This would not just be a cringe-fest for Ted, but also the worst example of pitching your product with complete insensitivity to timing, privacy, emotions, and appeal. Let’s further analyze this.

What’s right?

First up, the food delivery app did get Ted’s consent to pass on his information to their partners which clearly means Diatal has the consent of Ted to send him contextual location-based advertisements.

What’s not right?

The approach. Since Diatal knows for sure that Ted is diabetic and they see a perfect fit to place their product in the scenario, it would have still been reasonable if they had contacted him to understand if he is in need of an alternative to sugar and convince him that their product was ideal. But, instead, they created a story out of his everyday movement and accused him of eating junk and offered an insensitive consultation.

How does it affect the user?

Ted is probably not ready to discuss his health status with anyone. He probably wants to keep it a secret. Heck, even if he doesn’t, he is being attacked for his food choices however inappropriate it is. In this scenario, access to his mobile number and current location is not the breach in itself, but the fact that his movement is being used to disclose his life happenings that he’s not ready to reveal in the first place.

Why is location-based targeting necessary?

Display ads are amazing, aren’t they? It would be appreciated more if it is contextually placed. It would be a great experience for a blogger (beginner) looking to have their own WordPress site for blogging to see a contextual ad for a free keyword analysis tool. Contextual advertising is strategic, induces engagement, and improves conversions. The same works for location-based advertising too.

It would always be nice to improve the customer experience with contextual communication. Wouldn’t it be great if Nike sends out a text message about its price discounts or free coupons when you are close to the store? Contextual marketing based out of locations data is always a win-win for the customer as well as the seller. The only catch is how fairly and strategically you deal with the data.

Locations data combined with numerous other factors like weather, sales inventory, footfall traffic, and more can work magic for your business as it helps deepen customer relationships and is accurately measurable.

Final verdict

I’m all for modern-marketing tactics. Digital marketing, in the present day, revolves around hyper-personalization backed by the power of data. The only concern here is how sensitive we are to privacy and how much do we respect boundaries? Thanks to regulations like GDPR, CCPA, PIPEDA and such regulations that give greater control to the customers on how their data is being used.

marketoonist 1

But, as for the checkbox approach that users are not keen on, it’s a different story. It puts across the question of multiple clauses buried in the privacy documents that hold access to sensitive data. Be explicit of your location-based targeting or ethical about it. Either way, ensure that the customers know.

The data at your disposal must not be abused and at the same time, you must know the right approach. A simple way to regulate this would be through well-structured privacy policies, ethical business practices and partnering with companies that do this.

As for location data, there are many data providers in the market. These companies, like,  Factual, Cubeiq must ensure that they partner with companies and agree to provide data to those who have ethical practices in place and well-structured privacy policy.

“Don’t put the privacy of the user in jeopardy in order to feel empowered with information”.