
MoviePass CEO says the app tracks your location before and after movies - vorpalhex
https://techcrunch.com/2018/03/05/moviepass-ceo-proudly-says-the-app-tracks-your-location-before-and-after-movies/
======
slg
MoviePass announced their their new, improved, and unrestricted plans in
August. We all knew the $10 a month plan was not going to be profitably by
itself. In the last week they have started blocking out specific movies,
requiring some users to provide photographic proof of their ticket purchases,
and bragged about collecting data outside what is described in their TOS. This
is after already locking out customers from using the service at some of AMC's
flagship theaters. Who had it had it at roughly 6 months before MoviePass
started running out of money and needed to resort to trying to milk every last
cent out of the theaters, studios, and moviegoers?

~~~
AlexandrB
> We all knew the $10 a month plan was not going to be profitably by itself.

How is this kind of "growth hack" not simply dumping[1]? The only new
development here is that dumping is no longer limited to large companies with
large war chests thanks to the availability of venture capital.

The more interesting question is can healthy, truly profitable technology
companies develop in an environment where they have to compete with startups
that are ready and willing to undercut them by losing tons of investor money.
I don't think the current status quo is good for the long term health of the
valley.

[1]
[https://en.wikipedia.org/wiki/Dumping_(pricing_policy)](https://en.wikipedia.org/wiki/Dumping_\(pricing_policy\))

~~~
JumpCrisscross
> _How is this kind of "growth hack" not simply dumping[1]?_

"Dumping" is bad because it harms unsubsidized competitors. (It also pits
foreign governments against private companies.) I fail to see who MoviePass
hurt except its own investors.

> _Can healthy, truly profitable technology companies develop in an
> environment where they have to compete with startups that are ready and
> willing to undercut them by losing tons of investor money_

Lyft seems to be doing fine.

~~~
Jasper_
> I fail to see who MoviePass hurt except its own investors.

Games on the iOS App Store are generally free (or 99 cents). It is not
profitable to recoup your costs by selling the product, because consumers will
not pay for an app that costs more money than $1. In order to sustain this
environment, the industry has moved to selling data, ads, and other sort of
nonsense.

Let's suggest that MoviePass successfully "disrupts" the industry and then
gets bought out or dies. What happens if this disruption permanently causes
admissions revenue to go down, because consumers expect $10, and as such,
movies to be substantially more unprofitable to make?

This sort of long-term "environmental impact" never seems to come up as long
as we can pile more ads and tracking on top to make up the difference in
unreasonable business models.

~~~
tyfon
> because consumers will not pay for an app that costs more money than $1

I'm quite the opposite. If a game on the play store is low priced/free and
contain the "in-app"-purchases label I run far away.

It's a bit sad as some use this method as a demo with only a "full game"
unlock in-app and I won't know. But I've been burned by that in the past, i.e.
buy a full version without adds of a game and having the "full version"
destroyed by adds a year later.

I'm generally extremely wary of buying anything on the play store now and have
resorted to only using mail, signal, firefox with ad-block and my public
transportation ticket app.. And the PS4 apps

~~~
mcintyre1994
Not sure if Play Store has the same thing, but the App Store lets you expand
the IAPs if you scroll down, so you can see whether it's just a full game
unlock or garbage ingame currencies.

------
whoisjuan
Any app that asks for your location can and will track you. This is so
lucrative that Foursquare pivoted the whole company around the concept of
location data as a service
([https://enterprise.foursquare.com/](https://enterprise.foursquare.com/)).

Fortunately, you just need to revoke the permission (or don't grant it in the
first place) if you want to avoid being tracked. If you're concerned about
this, I'd definitely suggest doing a quick check of the apps that track your
location and disable the permission in the ones that you distrust.

~~~
DrScump
I will _never_ understand why people leave Location Services on all the time.

I don't even _install_ apps that request location when it isn't _necessary_
for _my_ needs (active geolocation, like mapping if I'm lost, hikes, and
such).

For Moviepass, and for the rare cases where I am lost or really _need_ active
directions, I turn Location services on. Then, it gets immediately shut off.
(Similarly, I keep Bluetooth and NFC off except when in active, _intended_
use.)

In fact, for Moviepass and other apps that _require_ locations, I install them
on a secondary phone that I use only for nosy apps. It just stays in the car.
(This is a good use for an old phone without a SIM; most apps will run fine
over WiFi.)

And when apps want to update and in the process try to _add_ permissions they
didn't originally seek and have no business using (e.g. Stubhub, Magnifier,
Flashlight+), I just don't let them update.

~~~
dannyw
People have different valuations. I turn on Location Timeline and allow Google
to record my location 24x7, because I find it useful to be able to know where
I was any arbitrary day or time.

~~~
z_open
Is it also useful to be contributing to the apathy that our privacy, as a
society, isn't worth protecting?

~~~
drusepth
This is a pretty close-minded view on the pros vs cons of sharing any kind of
data in return for benefits you value over that raw data.

~~~
z_open
The pros you get are a luxury, while the cons are an infringement on our
privacy.

We're at the point where you sharing your data harms everyone else. For
example, if there are 1000 people in a population and 999 willing share all
data on themselves, the last holdout doesn't need to offer his data. They can
already derive it from based on everyone else's.

~~~
dionidium
_cons are an infringement on our privacy._

You have to explain why I'm supposed to care that MoviePass knows where I am
when I'm near a theater (i.e. why is this a _con_ ). You're acting like this
is obvious, but it's not. All your work is ahead of you.

~~~
z_open
Because they give that information to 3rd parties who have a larger database
about you in which to add it. Privacy is a basic human right and everyone
wants it. You wouldn't willingly offer all data about yourself and livestream
a camera of yourself 24/7 for everyone to see. I also already gave you a
reason on how this harms people who don't want to give up any data on
themselves.

~~~
dionidium
The degree _is_ the difference and it's a big one. We all trade privacy for
other benefits _all the time_. If the right to privacy is fundamental, then
surely I can claim the right to trade that privacy for something else, too.

(Note: we all do this _all the time_ in both explicit and implicit ways. We
give away private data to obtain loans, we invite people into our homes and to
view our bodies, we tell important secrets to build relationships. Privacy
_is_ valuable, and we _use_ it like it's valuable. That's what's going on
here, too.)

------
lghh
I'm really over trying to fight companies on this on an app-by-app basis. If
we want this to stop, it has to be through legislation. Either we allow
companies to do it and stop acting shocked when it happens, or we legislate
the possibility away.

~~~
comboy
I prefer non-legislative way. Mobile OSes are already doing something towards
this. Notification warning like "app X is using your GPS" \- even though it's
closed or even though your screen is off. Or only allowing GPS usage while the
app is on your screen.

I don't think many people care though. And even if you disagree on that, I
think it should be their right to sell their privacy for convenience if they
want to.

~~~
brlewis
Mobile OSes and web APIs should have distinct permissions for foreground
location data and background location data. I'll gladly give my _current_
location in exchange for temporary convenience, but the way it works now I
have to give my location away from now until such time as I uninstall the app
or jump through the hoops necessary to revoke permission.

~~~
Gaelan
iOS does.

------
matthewaveryusa
The quantities of money are so low, and the deal I'm getting back is so good I
barely care. Then again, I was paying 30/month for moviepass when it just came
out years ago.

The sad part is that AMC doesn't have an unlimited plan. Growing up in France
I had the UGC illimite pass[1]. Moving to the US killed my movie-going habits
from twice a week to maybe once every other month. Then of course moviepass
came along and I was confused at how cheap it was. I mean, can't we have a
regular pass for 50/month no imax from AMC and call it a day? Someone, either
the studios, AMC, or me, is brain-dead and I can't figure out which one it is.

[1] [https://www.ugc.fr/les-offres-ugc-illimite.html](https://www.ugc.fr/les-
offres-ugc-illimite.html) \-- it still exists which means this business model
has proven to make sense in France for at least 15 years.

~~~
Moru
I go maybe once every two years. Afterwards I feel empty asking myself "Was
this really worth 12 euro?". Then I don't go for another two years until I
forget the feeling. It was always like this even when I was a kid. I preffered
Lego and books (and computer when that got available). Movies were always a
letdown.

------
halfjoking
Moviepass is going to get more and more desperate as their money runs out. I
don't have Moviepass but it's fun to think of how they could sell out their
users in the future.

Like maybe they could force users to write 500-word reviews? Or better yet
record their faces so sentiment analysis algorithms can track users every
feeling during a movie? Maybe ask users to spot product placement in movies -
you don't get the movie free unless you enter every product spotted and write
your thoughts about it. Maybe they could force women users to sit next to
creepy men users who pay for that "extra service?" There's no limit to how you
can innovate when you have no respect for your users.

------
tetrahedr0n
Overall, MoviePass is a step forward for privacy advocates and a benefit to
"netizens".

MoviePass just set the price for your data; an abstract possession that people
are barely beginning to value as an actual possession of theirs. The going
price for tracking your purchasing behaviors before and after attending a
movie is the cost of however many movies you can see in a month minus $10.

Facebook paid with a social networking platform to connect you to an
unimaginable number of people you probably wouldn't be connected with
otherwise. For that, you gave them your history and your super-ego.

Google gave you a map, an email, a phone number, and a bunch of productivity
tools. For that you gave them everything.

The value of your data is holding steady or going up, depending on your
perspective.

Also, MoviePass took a step in the right direction towards disclosure of
intent when their CEO opened his mouth about it. Their TOS is typical, but the
CEO is more transparent than most. They should be the brave first company to
make their intention transparent.

~~~
baddox
> The going price for tracking your purchasing behaviors before and after
> attending a movie is the cost of however many movies you can see in a month
> minus $10.

Well, it's the _value to you_ of however many movies you can see in a month,
minus $10. That's likely very different than the nominal cost of all those
movies, since MoviePass is likely to cause you to see more movies than you
otherwise would.

------
linsomniac
As far as I'm concerned, it would hardly matter if the theaters charged $0 for
movies.

My family almost always goes to the movies for a "family date night". Last
night our concession stand bill was over $60, and that's just because I din't
have a drink and we didn't get popcorn.

The theater we pretty much exclusively go to is one of those fancy places with
the power recliners and food, so we will usually eat dinner there.

I know, this is choices we make when seeing a movie. But, I can't _AFFORD_ to
get unlimited movies for $10/month. :-)

~~~
r00fus
Huh. All the folks I know bring their libation (beer even sometimes) and even
food into the theater.

My wife and I always eat first, then take a small snack in her bag and that's
it.

Of course, we don't go to an upscale theater.

~~~
milesokeefe
What theater lets you bring in outside food/drink? I've never heard of the
practice, outside of theaters that let you bring your own growler for them to
fill.

~~~
r00fus
It's all on the down-low so only works with minimal snackage but no theatre
around where I live pats you down.

So it's against policy, but most folks do it.

------
mcescalante
From my understanding, the bet that MoviePass is making is that they will be
able to sell user/usage data to studios (or others) to make back the money
that they're losing paying full price on the tickets; they've even admitted
this in other interviews... just without specifying what data. Even if it's
not location data, I would imagine that any/all data they can associate with a
user they will.

~~~
castlecrasher2
Off the top of my head I'd say they're looking to see what other things people
do after movies, like go out to eat, shopping, or go home.

~~~
wvenable
What's the value of that information?

------
abalone
They will DEFINITELY run into trouble with Apple's app store policy. Apple
doesn't outright ban apps that do this but they have to clearly state what
they do when requesting location services permissions. There is a string
called "app explanation" that has to state what they will use it for. Theirs
says:

 _" Find Theaters and movies near you, and be able to use the app to get
tickets and the theaters."_[1]

There's nothing about tracking you outside of that purpose. Nothing about your
drive to the theater, nothing about where you go after. So if they're doing
that or start doing that, they should and probably will get kicked out of the
app store.

Having said that, I wonder if this is true for their iOS version or just
Android. The privacy policy in their TOS is probably sufficiently vague to
pass legal muster.[2]

[1] On iOS go to Settings > Location Services > MoviePass

[2] "we ask you to supply us with personal information so that we can provide,
enhance and personalize our services and marketing efforts"
[https://www.moviepass.com/privacy/](https://www.moviepass.com/privacy/)

~~~
bobbles
"be able to use the app to get tickets and the theaters." is this simply a
typo that should be "and TO the theatres"? That would make sense if it
actually gave you directions to get there at least...

------
pashabitz
Yes, this is kinda annoying and yes, we're losing our privacy little by little
but please, give me a break with the fake bewilderment. It's an explicit
permission (on iOS at least) to use GPS when you're not in an app. This
journalist is in total shock that the app actually uses this permission to try
to make money. Come on.

~~~
gergles
And it doesn't even ask for the background location permission, so unless it
has magical superpowers, it isn't going to be able to track you unless have
the app open.

This is a really bad article, and I am shocked, just shocked, to see reporting
of such poor quality on TechCrunch.

------
NotQuantum
Jokes on them, I've purchased all of my tickets via an Android Emulator and
GPS spoofing. I've got it setup such that I text my home box that it's "movie
time" and I get a response as soon as the app says the card is loaded.

~~~
ironjunkie
Half jokingly , I thought about doing the same thing and "Milk" the service.
That is use as many subscription as you have family members//friends, buy one
ticket a day and sell them all back on Craigslist for 25% less.

I would never do it of course, but I'm surprised nobody is doing it.

------
passivepinetree
The way TechCrunch presents this, it seems even shadier than Uber's "we'll
track you for the 5 minutes after you get dropped off" tactic from last year.

With no language addressing such tracking in the EULA, how is that legal?

~~~
peteretep
> Uber's "we'll track you for the 5 minutes after you get dropped off"

Ah, is this how Uber knows my preferred pickup point near my condo? It's an
excellent feature.

~~~
passivepinetree
Yeah, I believe the rationale was to know better where entrances and exits are
to certain buildings. The idea is a good one, but many people were up in arms
about tracking that wasn't expressly during the interaction with Uber the
company.

------
chiefalchemist
A monthly subscription cost for "unlimited" movies priced lower than the price
of a single movie?

Mind you, my mum wouldn't understand that at that point she's the product.
However, the ol' "If it sounds too good to be true, it probably is" is
something everyone should know.

I don't agree with MoviePass' approach - which is the reason I haven't
subscribed - but unless it's blatantly illegal I think it's safe to presume
they'll do anything to make a buck.

MoviePass is too good to be true. Let's not be naive. Let's cut back on the
fake outrage.

~~~
s73v3r_
I think that's the thing people are upset about: Many of these deceptive
practices are not illegal, and probably should be. The EU has a good start
with their new data privacy legislation; the US needs to adopt that.

~~~
chiefalchemist
They're upset because...they're getting something for next to nothing (in
terms of hard dollars)?

Should there be more transparency? Sure.

But even so, being naive is only going to manifest itself somewhere else. The
Nanny State will never win that race.

~~~
s73v3r_
"They're upset because...they're getting something for next to nothing (in
terms of hard dollars)?"

That's a rather disingenuous way of putting it.

"The Nanny State"

That's an even more disingenuous way of putting things.

------
0xmohit
Hasn't it been demonstrated that apps can track user location even without
requesting location or WiFi access?

    
    
      Android apps can track a user's location and glean potentially
      private, personal information – such as where you work or live
      – just by monitoring the internal sensors. More importantly,
      they can do this without ever needing access to a device's GPS
      or Wi-Fi permissions.
    

Source: Are your apps secretly stalking you? Android phones can be used to
track you without permission [1]

[1] [https://www.wired.co.uk/article/android-apps-can-track-
you-w...](https://www.wired.co.uk/article/android-apps-can-track-you-without-
using-gps-or-wi-fi)

------
mon22
Without setting location access to "always", this shouldn't be possible,
right? He might only be talking about the customers who have it enabled. So
yeah, will wait for the clarification.

~~~
product50
On Android, that is not a setting you get.

~~~
sp332
An Android, it also asks for permission to read all your photos and you can't
use the app if you don't accept. I only run the app on an old iPhone I had
lying around for that reason.

~~~
cryptoz
Is there a use case in the app that makes that somewhat reasonable? If not, it
sounds like grounds to be reported and removed from Google Play as malware. I
thought that would be 100% against the developer rules. Maybe it is just a
guideline to only ask permission for things you need, and to let the user use
the app even if permission isn't granted.

Maybe it's just that Google won't feature you or something. But it should be
against Play Store rules if it isn't already.

~~~
paulcole
> Is there a use case in the app that makes that somewhat reasonable.

Maybe image recognition to see the kinds of things you're eating/considering
buying before/after going to the movies?

This seems pretty reasonable to me. I consider it a fair trade for the
monetary discount they're offering on their services.

I don't want to spend $10-$15 whenever I want to go to the movies. But I'm
more than happy to provide access to my data and photos which I have no way to
easily convert to monetary value.

If I didn't feel this way, I just wouldn't use their service.

~~~
FireBeyond
If only it were that harmless.

No, the reason for accessing your Photos is to get the location and timestamp
off of every one and build a nice little trail of where you are and where you
go.

~~~
castlecrasher2
To what end? This kind of hyperbole just desensitizes me to concerns about
data collection.

~~~
simias
That doesn't seem too far fetched to me. Knowing where you go gives a lot of
information about you, who you are, what you're interested in etc... That
sounds valuable for targeted advertising.

------
hanoz
Slight tangent but is it the case that the vast majority of Android apps (like
>99%) which ask for superfluous permissions that cannot be denied or revoked,
are about to become illegal under GDPR?

~~~
Silhouette
It looks like much of what's going on here would already be illegal under the
existing EU data protection rules, even without the GDPR. But does MoviePass
operate within the EU?

------
joncrane
Someone in an earlier thread about Moviepass posited that they are banking on
making money on data, because they are losing money on the ticket portion.

The surprising thing is that the CEO admitted it so readily.

~~~
vlovich123
Why is that surprising. They were always up front about the data when they got
acquired & dropped it to its current price. The new part is the location
tracking (which thankfully you're now in charge of on an iPhone).

------
JazCE
In the UK we have a chain of cinemas called Cineworld, they have a card that
allows you to go to any movie, any time, for a 12 month sub of £17.90 a month.
I'm practically always at the movies with this card. Between this, netflix and
my parents sky account, it's rare that i'll miss a movie for the year.

I'm surprised the USA movie chains haven't aped this (or even that Cineworld
wasn't aping the USA chains).

~~~
mirchibajji
Another happy Unlimited subscriber here. Odeon also started a similar one
called limitless

------
jakebasile
You know, maybe I'll just pay for the ticket.

------
kc10
I was a MoviePass subscriber for about 4 months. But I noticed that
international movies and few theaters are blocked, can't reserve tickets ahead
of time as per TOS. With all these restrictions I didn't even watch any movies
for a couple of months. So I just cancelled and subscribed to Sinemia (I am in
no way related to this service).

~~~
csmiller
Never heard of Sinemia. How is it different?

~~~
mynameisvlad
Looking at their plans ([https://www.sinemia.com/new-
plans/](https://www.sinemia.com/new-plans/)) it's capped at 2 or 3 movies a
day, available at any theater and in any format. You can also apparently buy
advance tickets, which is a huge limitation for MoviePass.

Their business model seems more sustainable than MoviePass, too. Well, at
least when it's not heavily reduced due to the Oscar promo.

~~~
mcast
Per MONTH*, not per day. That’s a huge difference to MoviePass.

~~~
mynameisvlad
Yes, which makes it _far_ more sustainable.

------
Taylor_OD
Their CS is very poor. The app, even the updated one, doesnt work very well
and will sign you out randomly. You're allowed to check into sold out movies.
They got rid of the largest supported AMC theaters. The company has so many
downsides now. Before I was telling everyone to sign up now I'm talking about
all this type of stuff.

------
chapill
>It sure isn’t in the company’s privacy policy

What they are doing is illegal in the state of California.

------
taurath
This is why a company "privacy policy" doesn't mean anything - they can change
it with no warning or just plain lie about it. The only purpose is to placate
their users.

~~~
Silhouette
Maybe that's true in say the US, or some states in the US, but it isn't true
everywhere. The EU is probably the biggest counterexample, with relatively
strong privacy and data protection rules already, and almost draconian new
rules for organisations that are working with personal data coming into effect
later this year with the GDPR. A privacy policy is a part of the rules there,
and misleading with one could get you in trouble with the regulators if
someone complained.

~~~
taurath
Given the state of data management throughout the US and the world, I welcome
some draconian rules if they actually protect people's data.

------
datahack
We've stopped going to the movies since this service came out, and bought a
bigger TV. We don't want to pay the movie food tax, movies are now _packed_
with people and unpleasant to watch in our area, and it's just not an
enjoyable experience.

Location-based tracking is totally common, and a serious business these days.
This dataset will provide MoviePass with a huge and unique database, and they
will prosper.

What nobody is talking about in this thread is that once they combine it with
all of the _other_ databases (profile, interest, etc), they will be able to
track every single movie consumer from cradle to grave, from home to work, and
on to the theater. They will know how your friends are, who you go to the
movies with, where they live, who they know... this is all stuff that
companies have been doing now since the early 2000s.

My point is that not only is this not illegal, it's relatively common. It
might feel creepy, but this is the new normal. It's just not talked about very
much. Google has a ton of this data, so does every cell provider, and of
course someone mentioned foursquare, who realize that the location business
was a better business than anything else they can build.

Also, the more we allow social media into our lives the richer these profiles
become, because the qualitative data from social networks is the foundation of
location networks. Where meets who meet when = datapoint.

In case you were wondering where all the mobile advertising revenue
transitioned, start reading the T&Cs on the apps you download friends. :)

------
CodeSheikh
They can't be collecting data continuously if the location privacy setting is
set to "While Using the App" on iOs. I remember Uber removed "While Using the
App" option and provided only "Never" and "Always" options. And they got a lot
of heat because of that.

------
technofiend
Load app - present ticket - uninstall app.

~~~
sgroppino
It's getting close to a point where you should just bundle all of these apps
onto an old android phone and use it just ad-hoc when you absolutely need
them.

------
hartator
I don't see the big deal really, Google maps and the like has probably 100x
the data plus the mean to make it evil. I don't really see what extra data
they will have compare to just ticket sales. It seems just a bad VC bet, and
you can take advantage of it.

~~~
dawnerd
Some people here are hilarious. Bad if moviepass goes it - Fine if
google/Facebook/Apple/etc does it.

------
auggierose
Never heard of MoviePass before (or are they connected to these strange Arnold
Schwarzenegger meercats commercials)?

It seems cinemas are doing this already by themselves, for example Cineworld
with its Cineworld Unlimited program for about £200 a year.

------
saudioger
Of course it does, why wouldn't it. The only thing preventing most companies
from doing this to you is their ability manage the data effectively enough to
turn a profit. Pure capitalism.

------
walrus01
The oneplus variant of android, oxygenOS, allows you disable location services
granularly per application. They continued the granular permissions system
from CyanogenMod.

------
max937
Just log out of the app after purchase. If that’s not enough, delete the app
and reinstall each time you are at the theatre.

Love MoviePass!

------
findjashua
not sure about Android, but on iOS you can customize which apps have access to
location data all the time (eg google maps) and which ones have it only while
using (eg moviepass).

So if you open the app only to check-in in the theater, they shouldn't be able
to access your whereabouts before/after that.

------
thomzi12
I don't get the outrage over this -- haven't Uber and Lyft and Google been
doing this for years?

------
yorby
in other news, Ford Executive says he can track you anytime you drive...
[http://www.businessinsider.com/ford-exec-
gps-2014-1](http://www.businessinsider.com/ford-exec-gps-2014-1)

------
awad
iOS explicitly lets me give location access to an app only when it is open. I
was under the impression that it's a literal definition and that apps can't
track me in the background. Is this a mistaken view?

------
erikb
Not too tough. I guess "in front of cinema" in both occasions.

------
amorphid
It's also draining the heck out of my battery.

------
darkstar999
Can't you just revoke the location permission?

~~~
jastanton
Yes, all up until you need to check in for the movie. You have to be
physically located within a set distance of the theater in order to load up
funds on the credit card.

------
mike_n
they also try to get permission for android's "body sensors"

------
Feniks
I never understood the concept behind this app anyway. You save money with
tickets but are supposed to buy more overpriced food in the theatre? Thats not
how you save money. Must be an American thing.

~~~
nickster
You don't have to buy any food.

