By Ken Magill
The company did nothing substantively wrong. It exposed no one’s personal information. It doesn’t even collect personally identifiable information.
The Federal Trade Commission recently filed a complaint against Nomi Technologies, a company that places sensors in some New York bricks-and-mortar retail locations that anonymously track signals from people’s mobile devices.
According to the complaint: “Nomi uses the information it collects to provide analytics reports to its clients about aggregate customer traffic patterns such as:
“A. the percentage of consumers merely passing by the store versus entering the store;
“B. the average duration of consumers’ visits; “
“C. types of mobile devices used by consumers visiting a location;
“D. the percentage of repeat customers within a given time period; and
“E. the number of customers that have also visited another location within the client’s chain.”
Useful information, no?
So what heinous crime did Nomi commit that warranted the FTC—a group whose staff ironically has no idea how trade actually works—marshaling its vast, sloth-like resources?
However, according to the FTC, neither Nomi nor its clients disclosed to consumers in the retail locations the service was being used. What is more, consumers were not given the promised opportunity to opt out of Nomi’s service in the stores, according to the FTC.
In May, the FTC published a consent order subjecting Nomi to 20 years of government oversight.
“The odd aspect of this complaint and consent order is that Nomi did not track or maintain information that would allow the individual consumers to be identified,” wrote attorney Elizabeth G. Litten in a blog post. “The media access control (MAC) address broadcast by consumers' mobile devices as they passed by or entered the stores was cryptographically ‘hashed’ before it was collected, creating a unique identifier that allowed Nomi to track the device without tracking the consumer him/herself.”
“Odd” is certainly one way to put it. “Infuriating” would be another.
Translation: The majority at the FTC is far more concerned with expending the resources American taxpayers finance on trivial nonsense than actually protecting consumers.
The FTC clearly has way too many people without enough serious work to do.
To make matters worse, privacy policies aren’t even required by law.
As constructed, that second sentence actually says the FTC is not required by law, but we know what the illiterates at the Small Business Administration mean. Privacy policies are not required by law.
No. It. Is. Not.
Actually, everyone has better things to do with their time. Some consumer freaks and FTC bureaucrats just don’t realize it.
Why in the world would any company publish a legal document not required by law that can only come into meaningful play when government officials use it to bludgeon the company?