Retail stores use Bluetooth beacons to track customers (nytimes.com)
351 points by notinversed 66 days ago | 251 comments



It’s worse. I have personal knowledge from a lot of client work in this space.

There are companies offering some basic functions like “wayfinding”, so the retailer or mall wants to give wayfinding to the user in their app. Sounds good, in fact it’s cheap, and they will even handle the beacon deployment... Hook up the SDK to Wireshark and you find it sending lots of data; some of it comes to me (retailer API) but a metric ton of it is going back to the provider. Being able to see the installed solution in multiple retailers and seeing the app code, you start to notice persistence between them... the retailer and mall didn’t even ask for this. They just wanted wayfinding.


Yes that's exactly how this gets implemented in practice.

I did quite a bit of client work here too, specifically around using already existing surveillance camera networks to build user profiles.

At the end of the day the goal is to optimize for the intersection of "what the user wants" and "what we want to sell." So, a low-collection system will give bad recommendations and a really good recommendation system will know an immense amount about the user.

Now that I talk with people on the other side of this, it's clear that most don't really care as long as they are getting good suggestions. I had this conversation just a few weeks ago with a young lady and her take was: "It's kind of creepy, but if it gives me good suggestions, I don't really care."


Part of the problem I think is that these people don't actually comprehend what is happening and the possible consequences. To them it's just a magic black box.


Maybe I’m one of these people. What exactly are the consequences? So far, the most damaging consequence of overreaching customer privacy is the famous teenage pregnancy leak when Target sent out coupon mailers to expecting moms based on shopping history.

That’s a really weirdly specific issue, and it's hard to imagine a similar scenario that would affect my life in some equally horrible way.

Am I missing something? Why should I be so afraid of Home Depot or whatever knowing a little bit about me?


My wife got a box of Enfamil Fedexed to our door as a promotion on what would have been the due date of our baby. Unfortunately, she miscarried at 3 months.

They knew this because marketers get near real-time access to prescriptions, hospital admissions and other things.

You should care because your information will be sold or traded, and behaviors can be correlated against medical and other outcomes.

Are you a divorced dad who has moved within 90 days and play daily fantasy sports? I can buy a list that will find you for $250. You are a risk for opioid addiction and may get denied service in the future for medical issues. Or you may attract advertising tailored to get you to gamble or drink more, when you are at your most vulnerable.


If what you are saying is true (I'm genuinely asking), that sounds like behavior that should absolutely be made illegal and severely punished.

I try to maintain a "lite" internet footprint (no facebook, only social media is LinkedIn, I use a VPN when I can) ... it's a little disturbing to think that someone can just purchase my buying history and use it as, essentially, an attack vector to serve me ads or gaslight me into buying stuff I don't really want or need.

Am I being naive?


Yes, you are. The events surrounding what happened to my wife were very painful (an ectopic pregnancy that nearly killed her), and a thoughtless reminder was very unwelcome. I still feel violated and betrayed.

In our case, I found out the marketing list from Enfamil and bought it for my zip code. I complained to the hospitals’ privacy officer and the state regulator and found that everything was legal.

There is a lot of data on the topic...

Prescriptions: https://www.theguardian.com/technology/2017/jan/10/medical-d... Linkage to lifestyle data: https://www.statnews.com/2018/07/18/health-insurers-personal...

In our case, the hospital pharmacy issued drugs to her indicative of a pregnancy. The pharmacy or insurer provides that information in real time to data brokers. The pharmaceutical companies assign quotas and send salespeople for certain drugs. There are other ways for data to get out that we’re not certain of. Perhaps the insurer “anonymizes” and sells subrogation information. Or the lab. In any case, they knew that my wife was admitted to an OB floor of a hospital, but didn’t know the outcome.

It’s not going away. The US government uses these same techniques with companies like Google to combat extremism or terrorist conversions — they actually use factors like this to target potential recruits with counter-information via ads.


> I complained to the hospitals’ privacy officer and the state regulator and found that everything was legal.

Both of those are the wrong venue for complaint on this issue; the hospital privacy officer exists to protect the hospital from liability and will never confirm to an outside party, especially a complaining party, that an act is a violation of the hospital’s legal duty, and the state regulator isn't responsible for enforcing federal law.

The right place for complaint is the federal Department of Health and Human Services Office for Civil Rights, which is actually responsible for enforcing the privacy provisions of HIPAA. Or getting your own attorney.


That's really awful. I hope you both are doing better gradually.

How the hell was trading individually identifiable hospital admittance and treatment information not a HIPAA violation?


It's not a HIPAA violation because they give the information to one of their "partners", and you agree to this in all the crap that gets signed.

I went to a Norton Hospital Immediate Care Center and paid cash because I didn't have insurance at the time. Because I paid cash, Norton turned all of my contact information over to a company that sells health insurance and gives loans to pay for medical services. They bugged the everlovin' shit out of me with automated phone calls until I decided enough is enough.

The Immediate Care Center denied giving any information out and were shocked this was happening, but Norton central billing knew about it, said they would remove me, but the 3rd party already had my info so it was too late.

The 3rd party were complete assholes, and when I got fired up because I wouldn't give them even MORE personal info to be removed from their call list, they said it was my fault: if I had just called them back and given them the 15-digit code, an agent would have removed me. That's also a lie, because I eventually did try that.

To protect my privacy, I told Norton my phone number had changed, and my new number was 812-555-1212, which is the 812 area code directory assistance number.

They did the same thing to my sister when she paid with cash because her husband had just changed jobs and she didn't have the new insurance info yet.

HIPAA is a joke.


That's really awful; I'm so sorry you both had to go through that.

Would you mind sharing more information about how you found that list (esp for a given zip), and how you think they tied that information to an address? My email is in my profile, if you wouldn't mind reaching out.


I called and asked Enfamil. They readily provided the name of the marketing list. When I bought it, you had to get a minimum number of entries, which I did by targeting a couple of local zip codes.

I don’t have ready access to it now, but it had all sorts of stuff, probably about 150 columns. Stuff ranging from likely medical conditions to car owned, to stores frequently shopped to specific consumer products used.


As a more serious and well-known concrete threat, this type of data is regularly aggregated by data brokers, and then used by stalkers and domestic abusers to commit crimes.

I imagine it being available and cheaply for sale is also a boon for various financial crimes/fraud.

It's not Home Depot specifically to be worried about knowing a little about you, but about them not being competent to control that data, and everyone's little bit becoming a lot more significant and dangerous when combined.

edit: Also, the same type of information can easily be used later by government. I imagine if Uyghurs were not being specifically targeted by the Chinese government for cultural extermination there would be little trouble in their cultural identity being discernible from certain purchasing profiles. Once they are rounded up into camps, the last 15 years of detailed surveillance about them becomes very troublesome for them.


Never heard of them selling to individuals but it wouldn't surprise me if they do. At the very least a record should be kept of who they sold the data to in case it is used for a purpose like stalking someone.


I work in credit scoring and you should be afraid of what you will not be eligible / priced systematically for in the future.

What will employers find when they use this for background checks? If you regularly buy alcohol a drinks_alcohol flag could be set or a health_indicator could increase.


This feels like it should be better dealt with via legislation. Already sounds like health data, which is legislated to high-heaven in the US, and also sounds like the juiciest ever GDPR suit waiting to happen in the EU.


Well the example was now around health data, but you can easily make up other more innocuous examples that will discriminate enough to give you a disadvantage.


But the more innocuous, the less I care...


Health data may be legislated to high heaven, but it's easy to get around: they can give it to "partners", in other words, anyone they want.


I feel like this could also be used in the hiring process to discriminate against women who are pregnant or are trying for a baby


It's not that you should necessarily be afraid of it but rather that you should be more aware of it. Advertising is now weaponized to the point that companies can take advantage of people through psychological tricks to get them to disadvantage themselves just to make a sale. Imagine the housing crisis amped up to an order of magnitude. Transactions, theoretically, should be based on good faith from both parties. If a business has far more insight into you than you have into them, though, then nearly every transaction has the potential to be predatory.


Is there a concise, well written, summary of the types of things that are likely to happen to folks because of data collection? Would be nice to have something to give people that don’t understand.


This is, in general, the problem with America and other countries, in my opinion. Technical literacy is extremely low for the level of technical sophistication present in everyone's everyday life. I know it's not great in other countries but I think America has it worse in a lot of ways because our society encourages companies to take advantage of people in every way imaginable and lawmakers are possibly even less tech savvy than the majority of the population. People don't actually understand the consequences of their actions (agreeing to ToS, giving Facebook their data, using Amazon Echo/Google Home, etc.) and so they can't actually make an informed decision. The EU, at the very least, has attempted to make this conversation more public through the GDPR, but America is too self-involved to even consider educating the populace.


Agreed. I feel like if I had to classify the issue “technical literacy” would be the root problem and solution.


> "It's kind of creepy, but if it gives me good suggestions, I don't really care."

This is an Unpopular Opinion, but IMHO that's kind of a reasonable stance to take.


You could say the same thing about any externality.


If you don’t consider impulse buying or recreational shopping or private surveillance networks a problem, sure.


That's not unpopular. That's the idea of a two sided transaction, you learn a little about me and point me in the right direction as a personal shopper and I'll buy something from you.

Also, point out that you're going to sell that data to anyone who asks, link it to your Facebook profile and CC data, and people start to get a little uneasy. The reason people tend to view these things as OK is that they see it as a two-sided transaction and don't realize the implications of unregulated data. If we had clear laws around data, and consent for use of data like GDPR in the EU, it's a completely reasonable stance to take. (Even with GDPR, there's a lot of data in things like tracking beacons and video recognition in public that is difficult to consent to or have removed...)


> This is an Unpopular Opinion, but IMHO that's kind of a reasonable stance to take.

I disagree. The recommendation is immediate and apparent to the end-user. The negative potential uses/consequences of all the other data collection are not.

It's funny, but when an unsuspecting person gets a home loan they can't possibly afford pushed on them by a shifty mortgage broker, people here cry bloody murder. But when people ignorantly consent to having their data harvested for the pleasure of better targeted advertising, the tech community happily says "but they asked for it!"


> But when people ignorantly consent to having their data harvested for the pleasure of better targeted advertising, the tech community happily says "but they asked for it!"

What? I feel like the only topic the tech community gets worked up about that nobody else cares about is digital privacy. There are always people on hacker news condemning a lack of privacy and targeted ads - I'd venture it's the majority of people on this site that feel that way.


All Reddit, Twitter and HN do is complain about data privacy and ads. It’s the complete opposite of ever being “they asked for it”. Can you find any big thread with more than a few small comments resembling “they asked for it”? I can give you tons of examples of data privacy and anti-ad stances. Just go to any FB thread. Or even this thread.


I've used systems that leverage passive detection of Bluetooth, Wifi, and other radio signals as an indicator. No Apps required. Tying beacons into points of authentication (login from workspace) or transactional data at a register.

A large portion of it was actually focused around security and not product marketing, but the tech is the same.


> Tying beacons into points of authentication

Reminds me of an old Mac application from PowerPC days that would sense your phone's Bluetooth coming into the room and automatically unlock your computer.

I thought it was pretty cool.

Current Macs have that possibility built-in, but it only works with the Watch.


I use the MacID app on my iOS device to quickly wake my OS X machine via Bluetooth and authenticate with Touch ID. I think it's pretty slick. Not for a security-crucial installation, but fine for home.


>Current Macs have that possibility built-in, but it only works with the Watch.

Maybe built-in to the OS. You can definitely do this with any Bluetooth device and any Mac with both free and paid software.


There are still some open source solutions for this out there to do it with general Bluetooth.


Does the BT detection work the same way that WiFi access point scanning works? I know that app developers use this WiFi tech from a client (device) side to determine location, but I am a bit disturbed about the aspect of this being so accurate with BT devices.


Yes passive signal detection behaves like this. Apple uses passive and active Bluetooth in their stores to determine what products you are looking at.


What kind of profiling did you do? How did you account for any biases in your algorithms?


Maybe the existence of such toolkits is a Chesterton's Fence that says you can't make this work without something installed on the phone. But this would be possible without these trojans.

If the Bluetooth beacon configures itself as a master, and enters inquiry mode, phones that pass nearby will happily respond with their Bluetooth ID (see https://www.bluetooth.org/docman/handlers/downloaddoc.ashx?d..., section 8.4).

You can also do the same with Wifi access points: Phones are constantly broadcasting their MAC address during active scanning for networks. The location from signal strength isn't as good (a Bluetooth beacon can pin you down near the Yoplait yogurt, a Wifi beacon and signal strength measurement just put you in dairy) but it's getting better (worse?). See: https://www.crc.id.au/tracking-people-via-wifi-even-when-not...

I imagine it would not be perfect but would be acceptably easy to use these "anonymous" MAC addresses to connect you to a name and address on a debit card. If your MAC and 20 other people left the store Friday at 2PM, and you and 20 other people went through checkout, and then your MAC and checkout are seen with 20 different people next week it's pretty trivial to identify you.

The cynic in me, though, says that even a minor loss of fidelity in tracking data weighed against the minimal risk and cost of building the spyware makes it worth building both.


> Maybe the existence of such toolkits is a Chesterton's Fence that says you can't make this work without something installed on the phone. But this would be possible without these trojans.

Without these trojans the store would have on its hands a major networking infrastructure project. With these trojans, all they have to do is drop a few battery-powered beacons in their venue and store their IDs along with coordinates in a database.


"The store" that implements these is probably not a mom-and-pop. Places like Walmart succeed because of their ability to execute major logistics and networking projects.

If the beacons increased Wal-Mart's revenue by 1%, the "major networking infrastructure" project could be a $5 billion department, larger than Google's entire R&D operating expenses.


Sure, but the Beacon technology was designed for this cheaper type of use (dumb beacon, smart phone) from the get-go - people working on it probably may have wanted it to be useful not just for the biggest chains, but also smaller franchises and mom-and-pop stores (why limit your market prematurely?). In the alternate reality in which BLE beacons were never created, maybe Wal-Mart did its own major project to get the same results the hard way.


Can't compare revenue to operating expenses for funding a new department, should use earnings minus income taxes instead. It would be closer to funding a $1 billion department.


They have security cameras too. Correlate video with AP locations and you can probably figure out whose phone it is. Tie that in with some facial recognition database and you can really identify people.

Walmart has been adding cameras on high-shrink aisles that are almost at eye level. At some point they might add even more cameras for "security" that are also used for eye tracking. Think of all the opportunities to optimize product and ad placement.


Self checkouts already have eye-level cameras and they know which items you actually purchase, so it's really not that far-fetched to assume they're also using beacons to track your phone as well.


And when you swipe your card to check out they have your name, even if you don't use a loyalty card. Name + Face, along with some bluetooth tracking data. They can now track you forever, even if you delete the app, stop using your credit cards, etc.


>And when you swipe your card to check out they have your name, even if you don't use a loyalty card

I thought the name’s embossed on the card, but not on the magstripe/EMV chip data?


It's very much encoded in the track data. It may not be in clear-text by the time it leaves the reader but it's encoded in the data.


Do you mind linking to a source? Wikipedia has details on it, but it doesn't say anything about names. https://en.wikipedia.org/wiki/Magnetic_stripe_card#Financial...


From your link, it looks like "Name" is in Track 1:

  Start sentinel — one character (generally '%')
  Format code="B" — one character (alpha only)
  Primary account number (PAN) — up to 19 characters. 
  Field Separator — one character (generally '^')
  Name  — 2 to 26 characters
  ...
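As an added illustration of the Track 1 layout quoted above (this is not code from the commenter or from Wikipedia), the parser below pulls the fields out of a constructed Track 1 string. The sample uses the well-known 4111... test PAN and a made-up cardholder name; the optional trailing LRC byte handling and the Luhn pre-check are my additions, and the PAN is masked on output because that is the only form in which a PAN should ever be logged.

```python
import re

# Constructed Track 1 sample, not a real card: the PAN is the well-known
# 4111... test number and the cardholder name is made up.
# Layout per the field list above: %B<PAN>^<NAME>^<YYMM><service code><discretionary>?
SAMPLE_TRACK1 = "%B4111111111111111^DOE/JOHN Q^29121011000000000000?"

TRACK1_RE = re.compile(
    r"^%"                        # start sentinel
    r"(?P<format>[A-Z])"         # format code, "B" for bank cards
    r"(?P<pan>\d{1,19})"         # primary account number, up to 19 digits
    r"\^"                        # field separator
    r"(?P<name>[^^]{2,26})"      # cardholder name, 2 to 26 characters
    r"\^"
    r"(?P<expiry>\d{4})"         # expiry as YYMM
    r"(?P<service>\d{3})"        # service code
    r"(?P<discretionary>[^?]*)"  # issuer discretionary data
    r"\?.?$"                     # end sentinel, optional trailing LRC byte
)


def luhn_ok(pan: str) -> bool:
    """Standard Luhn check-digit test, so a misread track is rejected early."""
    total = 0
    for i, ch in enumerate(reversed(pan)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d * 2 > 9 else d * 2
        total += d
    return total % 10 == 0


def mask_pan(pan: str) -> str:
    """Keep only the BIN and the last four digits."""
    return pan[:6] + "*" * (len(pan) - 10) + pan[-4:]


def parse_track1(track: str) -> dict:
    m = TRACK1_RE.match(track)
    if not m:
        raise ValueError("not a Track 1 string")
    if not luhn_ok(m["pan"]):
        raise ValueError("PAN fails Luhn check (misread or corrupt track)")
    # Track 1 carries the name as SURNAME/GIVEN NAMES (an optional title may
    # follow a period); split it so the reader sees exactly what a POS sees.
    surname, _, given = m["name"].partition("/")
    yy, mm = m["expiry"][:2], m["expiry"][2:]
    return {
        "pan_masked": mask_pan(m["pan"]),
        "surname": surname.strip(),
        "given_names": given.strip(),
        "expiry": f"{mm}/{yy}",
        "service_code": m["service"],
        # a first service-code digit of 2 or 6 means an EMV chip is present
        "chip_card": m["service"][0] in "26",
    }


if __name__ == "__main__":
    for key, value in parse_track1(SAMPLE_TRACK1).items():
        print(f"{key:12} {value}")
```

The point for the thread: the name is plain text between the two `^` separators, so any reader that sees the raw track sees the cardholder's name, whatever the embossing says.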


Thanks, not sure how I missed that.


It's also part of the EMV Specification and can be read with any nfc or smart-card capable reader. You don't need a special payment terminal.

https://www.emvlab.org/emvtags/show/t5F20/

There is one store in my neighbourhood where the payment terminals show this field (my full name) on the screen during checkout. I was very surprised when I noticed this the first time.

But apparently not all card issuers fill the field with correct data. One card, a prepaid Visa from a big fintech, has "N/A" programmed in the field.
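To make the EMV side concrete, here is an added example (not the commenter's code, and not taken from emvlab) of decoding the BER-TLV record a card returns and picking out tag 5F20, the Cardholder Name. The record bytes are constructed for the example: a tag 70 record template wrapping the PAN (5A), the name (5F20) and the expiry date (5F24); a card that fills the name with "N/A", as the comment describes, simply yields that string.

```python
# Constructed EMV record (not read from a real card): a tag 70 record template
# holding the PAN (5A, BCD), the Cardholder Name (5F20, ASCII) and the
# Application Expiration Date (5F24, YYMMDD).
SAMPLE_RECORD = (
    bytes.fromhex("70 1B")
    + bytes.fromhex("5A 08 41 11 11 11 11 11 11 11")
    + bytes.fromhex("5F 20 08") + b"DOE/JOHN"
    + bytes.fromhex("5F 24 03 29 12 31")
)

TAG_NAMES = {"5A": "Application PAN", "5F20": "Cardholder Name", "5F24": "Application Expiration Date"}


def parse_tlv(data: bytes, start: int = 0, end=None) -> list:
    """Decode BER-TLV as EMV uses it: multi-byte tags, short and long lengths,
    recursion into constructed tags (bit 0x20 of the first tag byte)."""
    end = len(data) if end is None else end
    items, i = [], start
    while i < end:
        first = data[i]
        if first in (0x00, 0xFF):       # padding bytes between objects
            i += 1
            continue
        tag_start = i
        i += 1
        if first & 0x1F == 0x1F:        # more tag bytes follow while bit 7 is set
            while data[i] & 0x80:
                i += 1
            i += 1
        tag = data[tag_start:i].hex().upper()
        length = data[i]
        i += 1
        if length & 0x80:               # long form: low bits give the count of length bytes
            n = length & 0x7F
            length = int.from_bytes(data[i:i + n], "big")
            i += n
        if i + length > end:
            raise ValueError(f"tag {tag} runs past end of data")
        if first & 0x20:
            items.append((tag, parse_tlv(data, i, i + length)))
        else:
            items.append((tag, data[i:i + length]))
        i += length
    return items


def find_tag(items: list, wanted: str):
    """Depth-first search for a tag, descending into constructed objects."""
    for tag, value in items:
        if tag == wanted:
            return value
        if isinstance(value, list):
            hit = find_tag(value, wanted)
            if hit is not None:
                return hit
    return None


def decode_record(record: bytes) -> dict:
    items = parse_tlv(record)
    name = find_tag(items, "5F20")
    pan = find_tag(items, "5A")
    exp = find_tag(items, "5F24")
    pan_digits = pan.hex().rstrip("f") if pan else ""   # BCD, 'F'-padded when odd length
    return {
        "cardholder_name": name.decode("ascii").strip() if name else None,
        "pan_masked": (pan_digits[:6] + "*" * (len(pan_digits) - 10) + pan_digits[-4:]) if pan_digits else None,
        "expiry": f"20{exp[0]:02x}-{exp[1]:02x}-{exp[2]:02x}" if exp else None,
    }


if __name__ == "__main__":
    for tag, _ in parse_tlv(SAMPLE_RECORD)[0][1]:
        print(tag, TAG_NAMES.get(tag, "?"))
    print(decode_record(SAMPLE_RECORD))
```

Nothing here is secret on the card's side: these records are what any contactless reader receives in a normal READ RECORD exchange, which is why the name shows up on a terminal screen.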


This is absolutely happening at scale in Chinese malls and even those small 7/11 style corner stores. Correlating profiles with Alipay/facial recognition/WiFi/Bluetooth tracking.


A company I worked for was interested in installing these WiFi locators in its buildings to study how people move through them. It turns out it doesn't work that well outside of fully clear spaces (so it can't be crowded, there can't be too much furniture, although you might be able to deal with the latter if you spend a long time calibrating), and it requires dedicated devices (with faster clocks). Definitely doable though.


Mobile devices (iPhones, probably most others?) randomize their MACs when looking for wireless networks, although that may not be enough to stop a determined snooper.


I set up Home Assistant with the Raspberry Pi Bluetooth module to detect when my fiance and I were home or away (to turn lights on/off, turn off WeMo switches to the curling iron that my fiance always forgets). After a few weeks of forgetting I had it running, I logged back into the Home Assistant dashboard to notice that it was tracking nearly all of my neighbors' Android phones, iPhones, headphones, TVs: when they were home, when they were away. Entirely passively. Most devices had names that could very easily be linked back to the user, i.e. "Joe's iPhone".

Just to reiterate - this was _entirely passive_. I did nothing but enable the Bluetooth presence detection module in Home Assistant on my Raspberry Pi, and over time it built up a detailed log of when nearly all of my neighbors were home or away.

Luckily I was able to quickly turn off tracking of devices that weren't explicitly enabled.

What confuses me is that I thought iPhones had randomized MAC addresses? In the Home Assistant known_devices.yaml file, you can give aliases to phones based on their MAC address. And my iPhone has never changed its MAC address, because Home Assistant continues to track it with ease. Not entirely sure how that works.


iOS randomizes the MAC address when scanning for networks but provides its true name when it joins one.
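The distinction in that reply can be checked from the address bits themselves. The following is an added example, not code from either commenter or from Home Assistant: it classifies 802.11 addresses by the locally-administered bit that OS randomization sets, classifies Bluetooth LE random addresses by their two top bits, and then runs over a constructed set of sightings to show which addresses a passive presence log can actually correlate over time. All addresses and device names are made up, and the sightings assume the BLE addresses are of the "random" type (public BLE addresses are flagged in the PDU header, which this snippet does not model).

```python
from collections import defaultdict

# Constructed sightings, not a real capture: (radio, frame kind, address, advertised name or "")
SIGHTINGS = [
    ("wifi", "probe", "da:a1:19:12:34:56", ""),               # randomized scan address
    ("wifi", "probe", "f6:09:5c:ab:cd:ef", ""),               # another randomized scan address
    ("wifi", "assoc", "00:1e:c2:aa:bb:cc", "Joe's iPhone"),   # true hardware address used to join
    ("ble",  "adv",   "7a:33:91:00:11:22", ""),               # resolvable private address, rotates
    ("ble",  "adv",   "c0:12:34:56:78:9a", "Living Room TV"), # static random address, persists
]


def classify_wifi_mac(mac: str) -> str:
    """802.11 addresses: bit 0 of the first octet marks group/multicast,
    bit 1 marks locally administered, which is what MAC randomization sets."""
    first = int(mac.split(":")[0], 16)
    if first & 0x01:
        return "multicast"
    return "locally administered (randomized)" if first & 0x02 else "globally unique (OUI)"


def classify_ble_random_address(addr: str) -> str:
    """Bluetooth LE random addresses are typed by their two most significant bits."""
    top = int(addr.split(":")[0], 16) >> 6
    return {
        0b11: "static random",
        0b01: "resolvable private (rotates)",
        0b00: "non-resolvable private",
    }[top]


def is_long_term_identifier(radio: str, addr: str) -> bool:
    """True when the address is expected to stay the same across days."""
    if radio == "wifi":
        return classify_wifi_mac(addr) == "globally unique (OUI)"
    return classify_ble_random_address(addr) == "static random"


def trackable_devices(sightings) -> dict:
    """Group sightings by long-lived address: the devices a passive log can
    follow, and the names that make the log trivially attributable."""
    out = defaultdict(lambda: {"frames": set(), "names": set()})
    for radio, frame, addr, name in sightings:
        if is_long_term_identifier(radio, addr):
            out[addr]["frames"].add(frame)
            if name:
                out[addr]["names"].add(name)
    return dict(out)


if __name__ == "__main__":
    for radio, frame, addr, name in SIGHTINGS:
        kind = classify_wifi_mac(addr) if radio == "wifi" else classify_ble_random_address(addr)
        print(f"{radio:4} {frame:5} {addr}  {kind}  {name}")
    print(trackable_devices(SIGHTINGS))
```

Run against the constructed sightings, the two probe-request addresses are discarded as randomized, while the association frame's hardware address and the TV's static random address survive, which is the behaviour the parent comment observed: the phone only stays trackable because it joins a network with its real address.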


Yep, and I’ve been researching this for robotics. The new WiFi standard 802.11mc includes improved time-of-flight measurement of radio packets such that the device can be localized to within 1 meter reliably. Android 9 and the Pixel already support this, though WiFi APs supporting this are still in the early phases. Google WiFi supports it though.

The good news is that this technology does not tell the AP where you are, only the device knows. However an app on your device could share this information with advertisers.

https://www.crowdconnected.com/blog/testing-wifi-rtt-on-andr...


Apple's iBeacon location-aware shopping goes live today (2013)

https://www.theverge.com/2013/12/6/5181302/apple-store-ibeac...

Beacon Technology Arrives in 50 Target Stores (2015)

https://corporate.target.com/article/2015/08/beacon-technolo...


Now that the privacy pendulum is swinging the other way I'm curious if Apple will ultimately be the undoing of this thing they helped create. If devices using iOS 13 start broadcasting a constantly changing bluetooth ID as a part of the new "Find My" feature these systems won't be able to track users from beacon to beacon or know how long you were in range of a single beacon.

This will probably wreak havoc on traffic counters and other infrastructure that use Bluetooth beacons to do things like monitor highway congestion and foot traffic.


This is incorrect. Your phone detects the beacons, not the other way around, and then forwards the notifications to {insert app here}, and then the app sends information (beacon id, user_id, ...) to their servers.

I actually implemented a nearly identical system for my senior design project, except we targeted the smart home ecosystem. Basic use cases would be automatically turning on/off lights or having a music stream/temperature preference/... follow you as you move throughout your house and enter/leave rooms. All implemented by an app on your phone detecting strategically placed beacons.
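An added example of the direction of data flow this comment describes (not code from the commenter's project): the beacon broadcasts a fixed advertisement, and it is the phone that parses it, identifies the beacon by UUID/major/minor and estimates range from signal strength. The advertisement below is constructed (the UUID and numbers are made up), built with the standard iBeacon layout (Apple company id 0x004C, subtype 0x02, 21-byte payload), and the final function runs the usual log-distance model over a constructed run of RSSI samples to show how wide the range estimate swings, which is the noise a later comment in this thread complains about.

```python
import statistics
import struct

APPLE_COMPANY_ID = b"\x4c\x00"   # 0x004C, little-endian inside the AD structure
IBEACON_PREFIX = b"\x02\x15"     # subtype 0x02, payload length 0x15 (21 bytes)


def build_ibeacon_adv(uuid_hex: str, major: int, minor: int, tx_power: int) -> bytes:
    """Assemble what a beacon broadcasts: a Flags AD structure followed by a
    Manufacturer Specific Data AD structure carrying the iBeacon frame."""
    body = (APPLE_COMPANY_ID + IBEACON_PREFIX + bytes.fromhex(uuid_hex)
            + struct.pack(">HHb", major, minor, tx_power))
    flags = bytes([0x02, 0x01, 0x06])   # LE General Discoverable, BR/EDR not supported
    return flags + bytes([len(body) + 1, 0xFF]) + body


def ad_structures(adv: bytes):
    """Walk the length/type/value triples of an advertising payload."""
    i = 0
    while i < len(adv):
        length = adv[i]
        if length == 0:
            break
        yield adv[i + 1], adv[i + 2:i + 1 + length]
        i += 1 + length


def parse_ibeacon(adv: bytes):
    """Return the beacon identity the phone-side SDK would report, or None."""
    for ad_type, value in ad_structures(adv):
        if ad_type != 0xFF or value[:4] != APPLE_COMPANY_ID + IBEACON_PREFIX or len(value) != 25:
            continue
        raw = value[4:20]
        uuid = "-".join([raw[:4].hex(), raw[4:6].hex(), raw[6:8].hex(), raw[8:10].hex(), raw[10:].hex()])
        major, minor, tx_power = struct.unpack(">HHb", value[20:25])
        return {"uuid": uuid, "major": major, "minor": minor, "tx_power": tx_power}
    return None


def estimate_distance(tx_power: int, rssi: int, path_loss_exponent: float = 2.0) -> float:
    """Log-distance path-loss model; tx_power is the calibrated RSSI at 1 m."""
    return 10 ** ((tx_power - rssi) / (10 * path_loss_exponent))


def distance_spread(tx_power: int, rssi_samples):
    """(min, median, max) range estimate over a run of RSSI readings."""
    d = sorted(estimate_distance(tx_power, r) for r in rssi_samples)
    return d[0], statistics.median(d), d[-1]


# Constructed beacon and a constructed run of RSSI readings taken from one spot
SAMPLE_ADV = build_ibeacon_adv("0123456789abcdef0123456789abcdef", major=100, minor=7, tx_power=-59)
SAMPLE_RSSI = [-65, -71, -60, -78, -68, -83, -62]

if __name__ == "__main__":
    beacon = parse_ibeacon(SAMPLE_ADV)
    print("beacon seen:", beacon)
    lo, mid, hi = distance_spread(beacon["tx_power"], SAMPLE_RSSI)
    print(f"range estimate: {lo:.1f} m .. {mid:.1f} m .. {hi:.1f} m")
```

What leaves the phone in the scenario under discussion is the parsed tuple (uuid, major, minor) plus whatever user identifier the SDK holds; the beacon itself learns nothing. The spread in the last line, roughly a factor of ten between the lowest and highest estimate from the same spot, is why single RSSI readings are not a position fix.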


> If devices using iOS 13 start broadcasting a constantly changing bluetooth ID

They've always done this. I think you have your threat model inverted. Beacons aren't tracking phones around stores.

3rd party SDKs installed in apps are tracking users' indoor location via beacon triangulation and uploading that data. A subtle, but important difference.


Shouldn't Apple ban apps using those SDKs? Is it identifiable from a source scan or binary trawl?


The issue is that there are legitimate uses for this type of code, though. For example, I have my home set up with tons of automations that change, for example, the color of the lights when I'm in the kitchen vs. when my wife is in the kitchen. She prefers warm lighting and I prefer the daytime lighting. It's the same technology, it's just being misused in these commercial instances, in my opinion. People don't actually know that they're agreeing to this type of usage.


I think so, seems to be the logical progression of their crackdown on particularly egregious 3rd party analytics implementations.


In iOS 13 they added Bluetooth and WiFi access as privacy toggles. Does this prevent this sort of tracking by apps if turned off?


I was working with Target when they did this roll-out. As sinister as everyone here seems to make it sound, I can assure you at that time it was not. If you're familiar with the inception of corporate projects, this project was no exception to any of the stereotypical fumbles and foibles of any effort of this scale.

It began simply because Apple said "...iBEACON.." and everyone corporate wanted the new buzzword in their portfolio to let people know how hot/hip/tech they were (Toys R Us considered it for a while) so they could pull the kids away from the internet and back into brick-and-mortar. How can we use these? What are they good for? No one really cared, they just wanted them in the store and we were there to sell them that (at a premium).

In 2015 - indoor location was bogus. Everyone in this forum seems confident that there are multiple ways you can determine location with Wifi (round trip packet time) or bluetooth (RSSI). A cacophony of radio in a catastrophically noisy environment does not work to provide reliable location information.

In fact, it was so bad that there were a handful of other equally unrealistic solutions being peddled by everyone from universities to light-bulb manufacturers. One such solution was to profile the accessible space of a building using a phone's compass, and then use the observations from a client device compass to identify how generated patterns correlated to the profile for the building.

The torrent of data you see pouring from your phone to the service via wireshark is real-time sensor data that is being used to feed a service side bayesian / markov-chain / monte carlo / kalman-particle filter / keyword soup monstrosity trying to generate some possible marginal confidence in a probable location. We found that this system was most effective in turning your phone into a pocket warmer, but sold like hot-cakes in a B2B setting wherein the intended end user had absolutely no voice.

Corporate wanted to buy it so they could sell advert-space (pop-up coupons) to affiliates. So we sold them something that worked barely well enough to provide a one-popup demo to potential interested parties. The affiliates bought the magic, corporate paid our company an arbitrarily large quantity of dollars for the service.

A deployment of thousands of coin-cell driven beacons per store, placed within reach of bored youths, maintained by an underpaid associate staff is of only questionable utility.

On a scale of things to worry about, ranging from nuclear holocaust to E. coli in your produce, this ranks a solid -3. In fact, in the 4 years since I've worked in this field I think the only advancement that has been made is that it's harder for third parties to sell because no one can do it well, so why not just do it in-house? It's cheaper and has the same garbage result.

If you think I'm wrong - go do it yourself. All these signals are easily grep-ed within any store (there's no way to make it proprietary), and you can create your own model and out-sell the proprietor. Surprise me. With an actual, viable client-oriented product (and assuming users actually want reliable indoor location) you'll make bundles selling it to the valley. Everyone is trying to do it (even cisco tried for awhile) - no one has.

Michael Kwet has read all the marketing copy, and rewritten it for popular consumption as a product. The insight/value provided by these systems is far more sparse than implied.


Such data is usually so noisy and incomplete that you can't get any actionable value from it.

The more complex a method is at tracking someone, the less reliable it is.

People fear too much of what can be done with the fancy ways of tracking while overlooking simpler ways that are much more effective.


All new technology is overestimated in the short term, and underestimated in the long term.


Bluetooth 5.1 promises a sub-meter accuracy in distance finding using Bluetooth beacons. When those devices become available you'll probably want to re-evaluate those statements.


This is rage inducing. I went into this article thinking "ok as long as I don't have the Target or Ikea or whatever app installed on my phone, I'm fine." While that is a primary way, this needs to be outlawed:

> These companies take their beacon tracking code and bundle it into a toolkit developers can use. The makers of many popular apps, such as those for news or weather updates, insert these toolkits into their apps. They might be paid by the beacon companies or receive other benefits...

Ban this, full stop, on both ends of this transaction. The Reveal Medias and the scummy app devs using their ~~SDKs~~ trojan horses. At the very least these apps need to be named and shamed, I find this fraudulent and extremely difficult for end users to police.

I have very minor hope that Apple at least will one day shine light on this or ban apps who are not transparent about the data they're sending and to whom, as it doesn't conflict with their business model and they seem to be moving there. For now I have to essentially disable bluetooth when I get out of my car.


This is how an app like Facebook can show you an ad on something you were talking about.

It would be naive to point the finger at Facebook listening to you; it would be more accurate to assume it's EVERY OTHER app (including FB) gathering data about you and your surroundings. MAYBE ONE IS ACTUALLY LISTENING, but whether any individual app is or isn't, the data brokers have all the data, as well as other people like you that have probably reacted to the same external stimulus and can be predicted to be thinking about a certain product around that point in time.

POOF - an ad about that thing you talked about, now on your Facebook feed.

Zuckerberg gets hauled in front of Congress, accurately says "what? no we don't do that", data brokers and software engineers laugh to the bank and let Zuckerberg get crucified for their sins.


Yes absolutely, everyone else is gathering this apparently and it has to just be assumed now. I hadn't thought about it with the "facebook is listening" stuff but this makes way more sense.

It's particularly frustrating given how hard I try to disassociate myself and my family from "data brokers" and then I read another thing like this.


I think people jump to "the app is listening" because it's the easiest concept to understand. Anyone with a technical background knows why that's extremely unlikely, but it still makes more sense to people as a narrative than the complex web of online trackers and analytics gathering that happens out of sight and contains vastly more information about individuals than could be gleaned by eavesdropping on ambient room noise.


* "What? No, we don't do that. We provide the infrastructure for others to do that."


> This is how an app like Facebook can show you an ad on something you were talking about.

I helped my sister look at a new car an hour away in another town. Back home that evening YouTube was suddenly suggesting new car videos.

Not so much Bluetooth as my own fault for using Google products and tracking but still it was disturbing. I did not search for anything car related myself or for my sister all I did was visit a car dealership.


If this is rage inducing, you're going to lose your mind when you find out what companies have been doing with tracking phone location via GSM.


And this, too, should be illegal.


But it won't be. And even if it were, let us remember how well the law works to curtail crime among governments and wealthy corporations and individuals. They'll hide it, "repurpose it", lie about it, and engage in years-long legal battles during which time the public loses interest. If it is more profitable to break the law and pay the fine, that is the best business decision.


That's true... and that's why we should push for 2 things to happen when it is found that a business knowingly broke the law (or knew it was at risk of breaking it and went on anyway):

- a "proportionate" fine should never be less than 100% of the profits derived from their behaviour
- whoever authorized the company to go forward should be personally on the hook too


I saw a thing 10-15 years ago with a business associate building retail. He had average income for everyone driving by, some profession data, all sources from mobile carriers.


What's funny about all this data collection is, does it really help sales all that much?


I think it helps when you’re siting locations from a thousand miles away and don’t know the areas you are investing in. You don’t want to drop a Dollar General in an upscale suburban environment, nor drop a Chipotle a half mile away in a trailer park corridor.


iOS 13 actually has BT permissions per-app, and blocking that has no bearing on bt audio as that’s handled on the system level. It’s quite eye opening. Netflix for example wants access to BT even though there is absolutely no Netflix accessory that would warrant such access. I’m pretty thrilled about the change and it only cements my choice of iOS for me.


That still won't change much, though, because, inevitably, there will be some app that requires Bluetooth for some fundamental aspect of its use that will also use one of these SDK's. Granting that app access to this will give it all the info it needs. What really needs to happen is that Apple needs to make some of these beacon-able permissions more granular. How to do that in a way that a tech-naive population understands what's happening is a very difficult problem to solve, though.


Which app types require permanent bluetooth access? Bearing in mind that connected to bluetooth audio is handled for apps by the system.

Not being snarky, genuinely unsure what would need this. You’re definitely right that a single app with permissions and the sdks would be enough.


Fitbit is a good example. I'm willing to bet a good amount of money that they sell a lot of the BLE beacon data they snarf up alongside their heart rate monitor data.


Fitbit is a good example of an app that requires permanent Bluetooth access, but a terrible example of a company likely to sell user data. Fitbit's users are its customers, and are the source of $1.5 billion per year in revenue. Any money gained from selling that data would be minuscule in comparison, and would put the main revenue stream at risk by alienating customers.

I work for but don't speak for Fitbit.


It's not Fitbit that necessarily is collecting this data, though. Fitbit might simply be using an SDK for Bluetooth detection, for example, that's provided by a company that does sell user data. The number of paid platforms and frameworks that are out there and used by all kinds of companies is crazy and it's not too big of a stretch to realize that some kind of tracking framework runs on the business of aggregating and selling that data while only providing the company in question using the framework with some of it.

It's not even too big of a stretch to realize how many free WordPress frameworks out there collect and sell aggregated site visitor data. I mean... if you're using a free Google Analytics service, do you honestly think they're not doing something with all that access to your site info?


Fitbit has its own Bluetooth stack.


That doesn't change the fact that they could be using another framework or library that has code to access Bluetooth. As long as the app has been granted access, the framework would have access too.


I really doubt there is any such application that most consumers would install. Maybe there are some industrial applications but most people have no use for Bluetooth apart from audio.


Bluetooth scales are fairly common. As are toy robots and quadrocopters that use Bluetooth for control.


Apple doesn’t pop up this permission dialog for their proprietary iBeacon system though, since thats also handled at the system level. With that taken into consideration, this feels less like a privacy feature and more like an anticompetitive move.

At least, that’s the situation to the best of my knowledge.


iOS 13 makes apps ask permission to use Bluetooth, so at the very least it's going to massively cut down on passive data collection.

They've already banned these SDKs in the kids category. I'm sure the next step is to ban them everywhere.


Just disable background activity for all apps that you don't fully trust. For me, that pretty much means like four first-party Apple apps that actually reasonably need it.


That's a good personal workaround, but it's not a solution to a problem - much like moving to a different city doesn't solve the problem of the manufacturing plant poisoning the water supply of the city you live in.

Adtech industry needs to be torched. GDPR was a step in the right direction, but unfortunately isn't nearly enough (I'd start with more aggressive enforcement of it, though). Something to pressure your politicians for.


I wonder if the usage of any data by advertisers was the hardest regulated, could you stifle demand for certain types of data sources. If you need to show a verifiable paper trail that leads back to a trusted acceptance from the individual user, then it would hopefully make advertisers think twice about their data sources as many technologies out there now rely on user fingerprinting to skirt privacy regulations, and could never provide proof of consent for collecting their data.


Another personal workaround - which I just realized must exist and apparently does - is a Faraday phone case...

https://silent-pocket.com/collections/all-products


Well that works if you use your phone as a PDA or a one-way communication device; but that's not the common usecase now is it?


To be fair, he did call it a personal workaround. If it works for you, it doesn't really matter if it is common.


Just turn airplane mode on.


What about all the people around the world who can't afford to pay for the services that adtech currently pays for for them? Why do you feel you can make the decision to get rid of adtech on their behalf?


I'm not making the decision for anyone - I'm not the Supreme Commander of the Solar System (yet). I am merely advocating for destruction of adtech, as much as I can.

As for people using services subsidized by adtech - there's no rule of the universe that says you can either pay everything in cash, or have it free with ads. Those are only two particular business models out of space of many. Getting rid of adtech will only make ad-powered service providers switch to the next best model, hopefully a more ethical one.

The question you're posing is equivalent to "what about all the people who couldn't afford X if providing X wouldn't involve toxic chemicals poisoning their water supply?". Societies around the world consider many business models unacceptable; I'm only pleading that advertising as practiced be added to the list of such unacceptable business models.


It makes me sad how crappy weather apps are in particular. I keep getting this ad for "NOAA Weather Radar", which sounds official, but it's actually some adware by some Russian throwaway app company. I am not sure why the NOAA lets them call the app that. (OK, I actually sent them an email about it and haven't seen the ad for a while, so maybe they got caught.)

What annoys me is that weather is built into both popular phone OSes, so I am not sure why people install ad/tracking apps to get weather information. (What makes me sad is that I really like Weather Underground and subscribed for years... but now their website is super slow and bug-ridden, and I believe it's officially been canceled by their new corporate overlords. So I have no real good way to get "advanced" radar products except via GRLevel3.)


I'm guessing this can be policed by a service allowing the user to see a map containing location detail & time accessed information per apps installed. Thus, showing the user which apps installed are signaling with bluetooth and when they're entering specific stores throughout the day.


This is a feature that's being added to iOS 13, along with occasional popups reminding you that an app has location privileges, and a map of where it's been tracking you.

https://9to5mac.com/2019/06/08/ios-13-location-permissions/


Sounds like a good idea!


They could have the whole thing be opt in as opposed to opt out. If you want to find the drills at your home depo then opt in via the app otherwise could be ignored. This would at least give people visibility in the same way location services, contacts and push notifications do.


I don't know but my method never fails, look for an orange apron guy: "hey buddy, where are the drills?" You'll even be escorted to the right spot.


Reminds me of attending a concert around 2009. We were chilling to the pre-set tracks, my date started fiddling with Shazam on her iPhone. I walked back to the sound booth and asked.

My method delivered.


But didn't Apple change IOS so that the button to turn off bluetooth does not actually turn off bluetooth's ability to work with beacons?


No, turning that off blocks beacons and disallows new connections via bt. It still allows existing active connections which may be where it’s confusing.


Does turn itself back on the next day when you use the quick on/off button... that's been pretty annoying to me, but I get why it's there.


I find it interesting that the article doesn't mention how various agencies track you through bluetooth beacons when you drive down a road or walk around a city. These devices are in plain view for everyone to see, but for some reason it seems that most people don't see them and basically nobody ever talks about them, yet they are everywhere.


How does this work if you don't give bluetooth access to the apps which include those toolkits?


The looks I get for pulling out my flip phone are well worth it.


If Apple really cared about privacy&security, they wouldn't do only a milquetoast appeasement like "ban apps who are not transparent about the data they're sending and to whom" (which is arguably how we got into this out-of-control industry sociopathy in the first place, with "self-regulation" and "privacy policies"), but Apple could even kill off most all surveillance possibilities in apps.

Imagine if using an app on your iPhone was regarded as more safe than visiting a Web page produced by the same organization, because Apple protected you more than Web standards do. It's a definite technical possibility, and I suppose it might make business sense for Apple.


This is really big in the WiFi space. Aruba, Cisco, etc all market services to public places like malls where you throw in a huge public wifi network, and regardless of whether you connect or not, they can see phones looking for known network and track traffic patterns.

Malls can then see which stores have highest foot traffic on what days, etc. It's actually one of the things that justifies the expense for huge, expensive free wifi deployments. And it is used to more accurately price locations around malls.

The other alternative to getting the same kind of data is security camera analytics. Sometimes literally someone just watching footage and taking notes on who they see and what kind of demographics, etc. Which is problematic in its own right.


Well they automate the security camera analytics now too. I just saw this one recently:

https://www.sentinelcv.com/


A lot of Verizon stores are owned by third-party companies. I had the chance to speak to one of the regional reps in a college class and he told me his company [1] does facial tracking of everyone who comes in the store. It also monitors employees and how many breaks they are taking/what they are doing (like hiding in the stock room).

[1]https://www.tccrocks.com/


My uni did this to tell you how busy the libraries were.


I think the biggest misconception here is the belief that Bluetooth LE beacons are tracking phones. The beacons themselves operate as transmit-only and don’t receive any data and therefore don’t perform any tracking themselves. The more correct way to look at this is that the apps are tracking a user’s location, and the beacons are providing the app with information to determine the current location.

If the app’s knowledge of your location provides some service and the user is opting-in, this shouldn’t be a problem (just like I opt-in to provide Google Maps my location).

The keys here are (1) users should be aware that an app knows your location, and (2) User should have the ability to opt-in to providing my location to the app. The mobile operating systems should do a better job of making the user aware and making it very easy to opt in or out.

Maybe an ideal solution would be where (assuming the user opts-in) the OS automatically controls whether an app has the ability to use Bluetooth locationing when the GPS detects that I’m in a certain area. For example, the Target app is prevented from using Bluetooth tracking most of the time, but when my phone GPS sees that I’m in a Target store it automatically enables it while I’m there, and disables it when I leave.


The cynical part of me thinks this is the real reason to get rid of the headphone jack -- to make it inconvenient to turn off bluetooth.


On the iPhone turning off Bluetooth using the control center doesn't even turn it off fully, precisely so that these location services (and other features) are still available.

https://www.vice.com/en_us/article/evpz7a/turn-off-wi-fi-and...


Indeed.

Sidenote, it behaves differently if you've enabled airplane mode (or at least so the UI would indicate). In airplane mode, it gives no message and the wifi/bt icon goes transparent. If you're not in airplane mode, the wifi/bt icon goes light gray and it says 'disconnecting <device type> devices until tomorrow' but the radio is still on as your article mentions.

Personally I miss the old behavior where it just turns it off, but I'm often in airplane mode so I get the old behavior anyway and great battery life :P


This is such a dark pattern.


I believe on iPhones, the fake off-switch for Bluetooth disconnects the devices you actually want connected (AirPods, Watch), while not being completely off for everything else, like beacons.

Instead, it should only maintain Bluetooth connections to devices already connected (or better yet, trusted), while being invisible to everything else. I know with Bluetooth this is technically difficult, if not impossible, but that would be the more customer-friendly implementation.


It keeps the watch, pencil and airpods connected. Disconnects my third party keyboard. Unsure how it works in the mall scenario.

Anyone know? Occurs to me I could shut wifi fully off when leaving home, and turn bluetooth off with the toggle to still use my devices. Don’t know if that’s useful however.

Used to use airplane mode all the time, but modern convenience became too great.


Hmmm, are you sure these things stay connected? I just tried with those 3 items and none stayed connected when I fake turned-off Bluetooth on my iPhone/iPad.

Or maybe it's a feature of the newer devices? My Apple devices are older and have Bluetooth 4.2 still.


Dead certain. Are you on ios 12? If you're on an older version, that could explain it.

When I turn it off, the bluetooth menu in settings says "new bluetooth connections have been turned off from control center"


On the other hand, I'll tolerate whatever dystopic hellscape before going back to the tangly shitshow of wired earbuds.


Conveniently, thanks to modern technology, you can have a headphone jack and bluetooth support on the same device.


Having done some proof of concept work for a couple of very large retailers using BLE/beacons I believe most of the scumminess isn’t on the retailer side but the 3rd party API/framework.

The requests we were fielding was for better ability to find things in the store, floor maps for every store with wayfinding, and the ability to use the app to get more contextual info on demand.

For those not completely in the know on beacons: they are broadcast only and it is the apps running in the background on your phone that shuffle off the data on your phone. If you were running a device free of the offending apps, your privacy is fine on that front. The WiFi tracking is a different story though.


I'm a developer, but I've never touched mobile dev at all. Could you clarify what "running in the background" means here? I see it come up a lot and I'm never quite sure.

Specifically, if I have an app installed, but it's not open in any way (e.g. in iOS I double tap home and swipe up on the app's window to close it) can the app still run any code? Am I safe from these "background" vulnerabilities as long as I aggressively kill apps that I'm not actively using, or is simply having the app installed enough to let it run a certain amount of code on my device?


They can if given permission to. For certain apps in iOS it's usually an application asking for location permissions without a real good reason for it, that's why (in my opinion) it seems like weather apps are some of the worst offenders for this stuff, as it makes sense to give them location permissions. There are other permissions that can be abused as well, but location is the dead giveaway.

I can’t speak to Android as it’s been a long time, but iOS is pretty strict about what you can and can’t do in the background. There are certain events that will “wake up” an app, even one that is killed. You’re not necessarily safe if you have a bad app installed and kill it. I usually just recommend avoiding free apps that seem super heavy on ads. Because the ad framework is likely abusive, even if the developer didn’t intend it.


Thanks. That's pretty unfortunate. I guess I'll just be even more aggressive about denying permission requests and uninstalling any app I don't have a good reason to keep now.


This is a bit off topic, but how could I do this at home? Seems like it could be a great addition to home security systems. Criminals know to cover their faces with all the cameras and they use stolen vehicles that can’t be traced back to them. I bet they still have their phones with them. I’m not sure the police would take action on a device’s MAC address- but it’s still another data point. Perhaps there are hardware/usb sticks designed for this purpose?


I do wifi tracking for a living and no, there is no off-the-shelf solution for consumers that I have ever seen. You can accomplish this with a Raspberry Pi, a wifi adapter that supports monitor mode, and tcpdump set to the right filters. However, I don't see why anyone ever would.

As others have mentioned many of the top wifi brands, Cisco, Aruba, and Meraki (now owned by Cisco) provide this kind of information to clients at their enterprise level.

The reason this doesn't exist for consumers for security at least is that in the use case you described it is hard to tell what MAC address belongs to each device. Even in a neighborhood, you will detect hundreds of macs a day due to mac spoofing that modern phones do.
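A minimal version of the sniffer that comment describes, as an added Python example that is not the poster's code: it parses 802.11 probe request frames (the "phones looking for known networks" traffic an earlier comment mentions) out of raw frame bytes, pulls the source MAC and the SSID being probed for, and flags locally administered addresses, which is how you spot the randomised MACs the poster says make per-device counting unreliable. The frames below are constructed inline, not a capture; on a real box they would come from a monitor-mode interface (tcpdump's `type mgt subtype probe-req` filter selects exactly these frames), and any radiotap header a live capture prepends is assumed already stripped.

```python
import struct
from collections import defaultdict

# 802.11 frame control, first byte: version 0, type 0 (management), subtype 4 (probe request)
PROBE_REQUEST_FC0 = 0x40
TAG_SSID = 0


def mac_str(mac: bytes) -> str:
    return ":".join(f"{b:02x}" for b in mac)


def is_locally_administered(mac: bytes) -> bool:
    """Bit 1 of the first octet set means locally assigned, which is what randomised MACs use."""
    return bool(mac[0] & 0x02)


def build_probe_request(src: bytes, ssid: str) -> bytes:
    """Constructed sample frame (not a real capture): 24-byte MAC header, SSID tag, rates tag."""
    header = struct.pack("<BBH6s6s6sH", PROBE_REQUEST_FC0, 0, 0,
                         b"\xff" * 6,      # DA: broadcast
                         src,              # SA: the phone
                         b"\xff" * 6,      # BSSID: broadcast
                         0)                # sequence control
    ssid_b = ssid.encode()
    body = bytes([TAG_SSID, len(ssid_b)]) + ssid_b
    body += bytes([1, 4, 0x82, 0x84, 0x8B, 0x96])      # supported rates: 1, 2, 5.5, 11 Mbit/s
    return header + body


def parse_probe_request(frame: bytes):
    """Return (source MAC, SSID) for a probe request frame, or None for any other frame."""
    if len(frame) < 24 or (frame[0] & 0xFC) != PROBE_REQUEST_FC0:   # mask off protocol version
        return None
    src = frame[10:16]
    body = frame[24:]
    ssid, i = "", 0
    while i + 2 <= len(body):                 # tagged parameters: id, length, value
        tag, length = body[i], body[i + 1]
        value = body[i + 2 : i + 2 + length]
        if len(value) < length:
            break                             # truncated tag, stop rather than misparse
        if tag == TAG_SSID:
            ssid = value.decode("utf-8", errors="replace")   # empty SSID = wildcard probe
        i += 2 + length
    return src, ssid


def summarise_probes(frames):
    """Per source MAC: the SSIDs it probed for and whether the address looks randomised."""
    seen = defaultdict(set)
    for frame in frames:
        parsed = parse_probe_request(frame)
        if parsed is None:
            continue
        src, ssid = parsed
        seen[src].update({ssid} if ssid else ())   # wildcard probes still record the MAC
    return {
        mac_str(src): {"ssids": sorted(ssids), "randomised": is_locally_administered(src)}
        for src, ssids in seen.items()
    }


# Constructed sample traffic: one burned-in MAC probing for two remembered networks,
# one randomised MAC sending a wildcard probe, and one beacon frame that must be ignored.
SAMPLE_FRAMES = [
    build_probe_request(bytes.fromhex("001122334455"), "HomeNet"),
    build_probe_request(bytes.fromhex("001122334455"), "CoffeeShop"),
    build_probe_request(bytes.fromhex("da5e7a1b2c3d"), ""),
    b"\x80\x00" + b"\x00" * 22,               # management subtype 8 = beacon, not a probe
]

if __name__ == "__main__":
    for mac, info in summarise_probes(SAMPLE_FRAMES).items():
        print(mac, info)
```

The SSID list is the part that makes this more than a head count: a phone that probes for a home network name is identifiable even when its MAC changes, which is why modern phones probe with a wildcard SSID and a randomised address, and why the poster sees hundreds of addresses a day from a single street.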


Built-in RaspberryPi WiFi can do monitor mode. Kali Linux even has a raspberry pi image. RaspberryPi also has built in Bluetooth that supports 4.1 and low energy. Since Bluetooth is a less powerful signal, is there anything I could do with that?


I haven't tried to track phones with Bluetooth, it seems like it wouldn't be possible because phones aren't always announcing themselves. A byproduct of battery limitations I would guess. The more common use is tracking powered tags for the purpose of asset tracking in say hospitals or similar.

I didn't know the onboard adapter supported monitor mode, that is legitimately useful knowledge for me. Thanks, it should be simple to build your own sniffer to just play around with. Careful if you are in the EU though, not that it is remotely possible to catch a silent sniffer.


To me, this isn't big news -- It's at the point where I turn wifi and Bluetooth off when I'm shopping.

Look at some of the filings by Kroger:

https://fccid.io/PBR-SZG3APWC/Users-Manual/Manual-3994818

They are tracking down at the bay level for some items.


> I turn wifi and Bluetooth off

You believe that makes a difference?


It doesn't for Apple users. Location and other bluetooth features are still on after you turn it "off".

https://www.zdnet.com/article/ios-11s-control-center-may-say...


That's the control center shit. I made a shortcut widget that actually shuts it off for this scenario.


The only option is to cage your phone in a Faraday bag and only use it when necessary. Trust no company. Trust no government.


Airplane mode? Shutting off the phone? Not like I get service in the grocery store anyway.


Based on the title of the article I was expecting the stores to passively collect data based on the MAC address. I guess I was way wrong. I am a traffic engineer and we use passive BT MAC address scanners to sort out origin/destination and travel time. This is done by setting up multiple detectors around a study area. Each detector saves the time and MAC address of every device it detects. We later match the MAC addresses that have been detected at multiple locations and that gives us the travel time between them. The raw data is rather useless for any other purpose, to us at least, and is tossed after we are confident in the data results. If a store were to use something like this, they would have to tie my MAC address to me, which I doubt would be too hard.

I don't see anything wrong with passively tracking people in a store, mall, shopping center, etc., as long as it is used to inform the owners of movement patterns in the area. To use the information to push notifications and determine purchasing habits of people is over the line.
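The matching step that comment describes, as an added Python example that is not the poster's system: each detector logs (detector, time, device) records, a device's first sighting at the origin detector is paired with its first later sighting at the destination, and the per-trip differences give the travel times. The keyed hash on the address is my addition: detectors can store a pseudonym instead of the raw MAC, which fits the comment's point that the raw data is tossed afterwards, and rotating the key daily stops the pseudonyms from being linked across days. The detections, the addresses and the key are constructed for the example.

```python
import hashlib
import hmac
import statistics
from collections import defaultdict


def pseudonymise(mac: str, key: bytes) -> str:
    """Keyed hash of a MAC address; same key on every detector, rotated daily (my addition)."""
    return hmac.new(key, mac.lower().encode(), hashlib.sha256).hexdigest()[:16]


def match_travel_times(detections, origin, destination, max_gap_s=1800):
    """detections: iterable of (detector_id, unix_time_s, device_id).
    Pair each device's first sighting at `origin` with its first later sighting at
    `destination`; drop pairs longer than max_gap_s (parked, detoured, or a different trip).
    Returns a list of (device_id, travel_seconds)."""
    per_device = defaultdict(lambda: defaultdict(list))
    for detector, t, device in detections:
        per_device[device][detector].append(t)
    trips = []
    for device, by_detector in per_device.items():
        if origin not in by_detector or destination not in by_detector:
            continue                                  # seen at only one end: no trip
        t_origin = min(by_detector[origin])
        later = [t for t in by_detector[destination] if t > t_origin]
        if not later:
            continue                                  # destination sighting predates the origin one
        gap = min(later) - t_origin
        if gap <= max_gap_s:
            trips.append((device, gap))
    return trips


def travel_time_summary(detections, origin, destination, max_gap_s=1800):
    """Aggregate the matched trips; the per-device list is not needed once this is computed."""
    trips = match_travel_times(detections, origin, destination, max_gap_s)
    if not trips:
        return None
    return {"trips": len(trips), "median_s": statistics.median(gap for _, gap in trips)}


# Constructed detector logs from two roadside sensors A and B (not real data).
KEY = b"example-daily-key"
RAW_DETECTIONS = [
    ("A", 100, "aa:bb:cc:00:00:01"), ("B", 400, "aa:bb:cc:00:00:01"),   # 300 s trip
    ("A", 120, "aa:bb:cc:00:00:02"), ("B", 360, "aa:bb:cc:00:00:02"),   # 240 s trip
    ("B", 700, "aa:bb:cc:00:00:02"),                                    # later pass, ignored
    ("A", 130, "aa:bb:cc:00:00:03"),                                    # never reached B
    ("B", 50, "aa:bb:cc:00:00:04"),                                     # at B before A: skipped
    ("A", 200, "aa:bb:cc:00:00:04"), ("B", 500, "aa:bb:cc:00:00:04"),   # 300 s trip
]
SAMPLE_DETECTIONS = [(d, t, pseudonymise(mac, KEY)) for d, t, mac in RAW_DETECTIONS]

if __name__ == "__main__":
    print(travel_time_summary(SAMPLE_DETECTIONS, "A", "B"))
```

Two caveats a practitioner would add: the pseudonym only protects the stored logs, not the radio link, and a phone that randomises its Bluetooth or Wi-Fi address between the two detectors will simply never match, which is the same effect the wifi-tracking comment above describes.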


To me there is a difference between what you describe, where hardware deployed in stores collect detected bluetooth signatures, and what this article describes, which is YOUR OWN DEVICE reporting on your movements.


Android has a feature called "nearby device scanning" so even if you turn off bluetooth, apps can still do BLE. I suspect stuff like this, where many many apps can spy on you on behalf of others, is why Google made BT access a Location category. But it means your weather app that uses location to tell you where you are? It is selling your location via BT beacons to 3rd parties.


For those who are interested, this feature can be deactivated. The location in settings has moved around a bit, but you can just search for "nearby device scanning" and shut it off for both Wi-Fi and Bluetooth.


I really wish android differentiated between foreground and background location permissions.


Meet the newest Android Q (10) which is available as a beta. The permission levels are there for what you wish. It's impressive to see just how many apps were previously getting background location (and many other) permissions by default. Eye opening experience for someone that figured it wasn't that bad.


> Meet the newest Android Q (10) which is available as a beta. The permission levels are there for what you wish.

I would like to congratulate Google for such hard work. I mean, CyanogenMod 7 in 2010 could revoke any app permission at the user's will, but you know, computers are difficult


That is very good to hear - excited to try it out.


Nothing would make me want to buy yogurt less than an ad on my phone while I'm looking at yogurt. I would hope everyone would feel the same way, to disincentivize this.


I would agree. But the skeptic in me thinks that once this behaviour is mainstream enough, people will forget how outrageous it is and just accept it.


This is what I'm thinking.

The first time this happens, I'm not going to buy the thing, but I'm going to jump through whatever hoops are necessary to disable this feature on my device. If that doesn't work, I'm going to get another device and then I'm never going to patronize whatever retailer did this.

I suspect eventually this will make people irate and these sorts of things will become opt-in.


The best way to protest surveillance capitalism is to make it ineffective. If you get a pushy or creepy ad, go out of your way to avoid that product or brand. Even if it is appealing to you. Even if it's a good deal. Send the strongest kind of signal against targeted ads: money.


I do whenever I can. For instance, for close to a decade now I maintain a blanket ban on Groupon for that one time they spammed me with retargeted ads a bit too hard (3+ same ugly pink ads simultaneously on a single webpage).


I agree, ads should go to wrist, not to phone.


Shouldn't there be a setting under Privacy to turn responding to beacons off?

I'd be interested in a list of popular apps or SDKs that use beacons -- so I could uninstall them pronto.


This book https://www.amazon.com/Aisles-Have-Eyes-Retailers-Shopping/d... goes into quite a bit of detail about various techniques retailers use to track customers.


What exactly are retailers doing with this data, that they couldn't do before? If you go to a supermarket and pay by credit card, the supermarket is going to have a profile on what type of things you like to buy, even if you aren't a member of their loyalty program. They've been doing this since loyalty cards became popular in the 90s.

It seems somewhat benign, and not very useful, that they know I spent 45 seconds in front of the yogurt section, compared to the average at that time of 28 seconds. Maybe a friend I haven't spoken to for a long time started messaging me. Or maybe I was helping an elderly person get something from the top shelf.

The part about sending ads to your device is FUD, any app that starts doing that without my permission is getting uninstalled straight away.


We aren't privy to the back office deals they are brokering with our data across advertisers and what not.


In order for this to work the apps have to listen to bluetooth signals from the beacons (or register a hook for an OS level beacon listening service?). How do I prevent an app from listening to bluetooth? Is this gated by the iOS "access current location" permission, or the "bluetooth sharing" permission? The iOS docs I've found are unclear: https://developer.apple.com/ibeacon/Getting-Started-with-iBe...


So... turn off Bluetooth and Wifi when you go into a store? Put subtle lines on your face with makeup to confuse their facial recognition systems? What else do we need to do now to go out in public?


Extend laws against creepy stalking to mass, blanket versions of same, even when a corporation does it, online or IRL.


IIRC turning off Bluetooth does not turn off BTLE, at least on some devices. So even if it is "off" you can still be tracked.


Physically dismantle every data broker's office and data center? Not sure what else would be effective.


Turn off your phone?


What you need is something similar to EU-GDPR! This would be illegal on so many levels in Europe.


FYI BLE tracking is both completely legal and has widespread usage all across the EU. There are hundreds of EU-based companies that provide these kinds of services.


Getting the data might not be illegal, but storing it without a direct reason or permission would be illegal


I feel like I need a lot more clarification here, can anybody help out, whether on iOS or Android:

1) Some random third-party app has to be running on your phone to detect beacons and send the data back... how viable/likely is this actually? It seems like this would only ever effectively detect a tiny percentage of users at best who just happen to have one of the apps open while walking around a store?

2) For an app to detect beacons, don't you have to give permission for the app to use Location Services? I've tried Googling it but can't seem to find a definite answer... I'd be surprised (and saddened) if Apple or Google are allowing apps to detect beacons without explicit location or Bluetooth permissions.

3) If the goal is to track as many users as possible... wouldn't it be far more efficient to look for Wi-Fi devices that are scanning, and identify them by their MAC address? I don't understand what Bluetooth beacons enable that Wi-Fi scanning doesn't.

4) The article lists companies that provide these third-party toolkits... but not a single name of an app that uses them, or what percentage of phones contain an app with them. Since this is the main accusation of the article... I don't understand why they wouldn't provide even a single instance of proof.

I've just seen a lot of very questionable reporting from the NYT in the past on tech/security/privacy, so I'd like to understand better how real this is or not.


> Some random third-party app has to be running on your phone to detect beacons and send the data back

They don't have to be running. Here's my understanding (for iOS anyway):

1. Apps have the ability to subscribe to bluetooth callbacks from the OS, which is constantly scanning for them (about once a second, from memory). It will be something like, "wake me up when you detect that beacon with UUID ABCD123 is in range". ABCD123 would be the standard ID of a marketing company's beacons - there could be millions of them.

2. The beacon also has sub-IDs identifying the exact beacon being used. The marketing company will know which are where.

3. Whenever the beacon is in range, the OS pings the app with the data, which decides what to do with it in the same manner as a background data refresh. This could be something useful, like waking up to let you know your suitcase is nearby - but it could also be silently uploading that data to a server.

4. The software to do this is being bundled as a paid SDK in a great many seemingly-unrelated apps, such as weather apps.

5. This behaviour is not counted as location services in the OS, and may or may not be disabled even when Bluetooth is "off" on the phone.

Corrections welcome but I believe that's roughly what's going on.

I'd greatly appreciate something like Little Snitch on the iPhone so I could see which apps are doing this and delete them with extreme prejudice. Back in reality, I'm glad this is getting attention - at the very least Apple should be providing a list of apps requesting BT access, and indeed any network access over time.
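Worked example of the identifiers described in the comment above (added here; not code from any commenter, from Apple, or from any beacon vendor): a decoder for Apple's iBeacon advertising layout, which is what a privacy auditor's BLE sniffer would apply to the frames a store beacon broadcasts. The fleet-wide "ABCD123" is the 16-byte proximity UUID; the "sub-IDs" are the 16-bit major and minor fields. The advertising payload, the KNOWN_BEACONS lookup table, the "Store 1234" label and the path-loss exponent are all constructed or hypothetical; only Apple's iBeacon layout is handled, other beacon formats such as Eddystone are not.

```python
# Added example: decode an iBeacon advertisement the way a privacy auditor's
# BLE sniffer would, to see what a store beacon actually broadcasts.
# Not code from any commenter, Apple, or a beacon vendor; payload is constructed.
import struct
import uuid
from dataclasses import dataclass

APPLE_COMPANY_ID = 0x004C      # Bluetooth SIG company identifier for Apple
IBEACON_TYPE = 0x02            # iBeacon subtype inside Apple's manufacturer data
IBEACON_LEN = 0x15             # 21 bytes: 16 UUID + 2 major + 2 minor + 1 TX power
AD_TYPE_MANUFACTURER = 0xFF    # AD type "Manufacturer Specific Data"


@dataclass(frozen=True)
class IBeacon:
    proximity_uuid: uuid.UUID  # shared by a whole fleet (the vendor's "ABCD123")
    major: int                 # sub-ID, typically which site or store
    minor: int                 # sub-ID, typically which beacon or aisle at that site
    tx_power: int              # calibrated RSSI in dBm at 1 metre (signed byte)


def iter_ad_structures(payload: bytes):
    """Yield (ad_type, data) for each length-prefixed AD structure in an advert."""
    i = 0
    while i < len(payload):
        length = payload[i]
        if length == 0:            # zero-length structure means padding: stop
            break
        if i + 1 + length > len(payload):
            raise ValueError("truncated AD structure")
        yield payload[i + 1], payload[i + 2 : i + 1 + length]
        i += 1 + length


def parse_ibeacon(payload: bytes):
    """Return an IBeacon if the advert carries Apple's iBeacon layout, else None."""
    for ad_type, data in iter_ad_structures(payload):
        if ad_type != AD_TYPE_MANUFACTURER or len(data) != 2 + 2 + IBEACON_LEN:
            continue
        (company,) = struct.unpack_from("<H", data, 0)   # company ID is little-endian
        if company != APPLE_COMPANY_ID or data[2] != IBEACON_TYPE or data[3] != IBEACON_LEN:
            continue
        major, minor, tx_power = struct.unpack_from(">HHb", data, 20)  # big-endian fields
        return IBeacon(uuid.UUID(bytes=data[4:20]), major, minor, tx_power)
    return None


def estimate_distance_m(tx_power: int, rssi: int, path_loss_exponent: float = 2.0) -> float:
    """Log-distance path-loss model: d = 10 ** ((tx_power - rssi) / (10 * n)).

    n = 2 is free space (an assumption); indoors a single reading is rough,
    which is why SDKs combine several beacons to reach the precision the
    thread talks about.
    """
    return 10 ** ((tx_power - rssi) / (10 * path_loss_exponent))


# Hypothetical table a beacon vendor would hold: (uuid, major, minor) -> place.
KNOWN_BEACONS = {
    ("00112233-4455-6677-8899-aabbccddeeff", 1234, 7): "Store 1234, dairy aisle",
}


def locate(beacon: IBeacon):
    """Resolve a decoded beacon to a place label, or None if it is unknown."""
    return KNOWN_BEACONS.get((str(beacon.proximity_uuid), beacon.major, beacon.minor))


# Constructed advertising payload: flags (02 01 06) followed by the iBeacon
# manufacturer-data structure. Not captured from any real store.
SAMPLE_ADV = bytes.fromhex(
    "020106"                             # AD structure: flags
    "1aff4c000215"                       # len 26, type 0xFF, Apple, iBeacon, 21 bytes
    "00112233445566778899aabbccddeeff"   # proximity UUID (constructed)
    "04d2"                               # major = 1234
    "0007"                               # minor = 7
    "c5"                                 # TX power = -59 dBm
)

if __name__ == "__main__":
    beacon = parse_ibeacon(SAMPLE_ADV)
    print(beacon)
    print(locate(beacon))
    print(f"about {estimate_distance_m(beacon.tx_power, -69):.1f} m from the beacon")
```

The phone itself never has to "connect" to anything: the OS hands an app the decoded UUID/major/minor plus an RSSI, and the vendor's lookup table turns that triple into "Store 1234, dairy aisle". The path-loss step is only an estimate; a single RSSI reading indoors can be off by metres, so the centimetre-scale claims elsewhere in the thread depend on fusing many beacons, not on one frame.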


Thanks, this helps a lot.

I'm pretty shocked all this can go on in the background without permissions. With Apple adopting such a privacy-conscious stance, I really hope this gets their attention so beacon scanning requires explicit permission in the future (and separate from location services -- my weather app needs to know where I am, but certainly doesn't need to scan for beacons).

This is honestly pretty egregious.


> This is honestly pretty egregious.

It certainly is. I knew about the mechanics of it but hadn't realised it was being so widely abused. I would like to see Apple come down on this swift and hard.

Third party paid SDKs! Those cunning bastards. AdTech really is the dregs.


>I'd greatly appreciate something like Little Snitch on the iPhone so I could see which apps are doing this and delete them with extreme prejudice.

It would be trivial to do this if you can get your hands on an iPhone with a jailbreakable OS version.


I can answer some of these... keep in mind this perspective is from the Android ecosystem, where I was able to get a similar system working.

1. Apps can be running in the background. I'd say it's more common than you think.

2. You need to provide location permissions (either ACCESS_COARSE_LOCATION or ACCESS_FINE_LOCATION). It seems like every app requests these permissions anyway, so not a red flag just on its own.

3. Something scanning for Wi-Fi devices has no (easy) way to correlate those addresses back to a user. With this Bluetooth Low Energy method, the user's own phone is the one that reports the detection back to {company}'s servers, so it can pass along any/all other information it has about you. Their location accuracy is also pretty crazy (radius is within centimeters if they've done it well).

4. Bluetooth Low Energy is actually crazy easy to set up, see here for more... https://developer.android.com/guide/topics/connectivity/blue...


Formatting :( Can't even edit to correct it


Unsure about the others but for (2), no. These beacons use low energy Bluetooth so when the app finds a beacon with just Bluetooth (which doesn't require explicit permission afaik) it can simply report back with that - presumably the owner of the beacon (the store) knows where the beacon is and now they know your approximate location without any phone location services necessary.


On Android, this just had me:

1. Settings > Security
2. Click on Location
3. Enhance location precision
4. Disable "Bluetooth Analysis" aka the use of BLE beacons


The really simple answer? Give up your smartphone. It's eating your life anyway, crossing boundaries with your family / work. You're addicted to checking: your downtime is zero, your free space to think: negligible. Mindfulness: none. Mindlessness: maximum.

Just a thought.


How is this kind of "advice" anything but plain old-fashioned victim-blaming?

If ever an entire category of HN posts deserved an instant trip to -4 territory, these ever-present and singularly-unhelpful posts ("Just turn your phone off/leave it in airplane mode/leave it at home/give it up for Lent/sell it on Craigslist/go to Uttar Pradesh and join a Zen monastery") should more than qualify.

Letting scumbags dictate how you live your life -- or how you use your phone -- is never the optimal strategy. Don't turn off. Fight back.


I don't really see how my thought (note: more "thought", less "advice") qualifies for this ire, but, hey, maybe you too need to spend less time on social media being angry at people ;-)

Actually I think a considered and gentle re-looking at one's life is an entirely viable thing to do.

What's so nuts about leaving your smartphone at home, or giving it up completely? Try taking a step back in an attempt to take a cold look at how weird and unbalanced this whole smartphone addiction thing has become. A situation in which, what, 50%+ of any random group of people has head down looking at a screen? A situation in which a family goes out for a meal and spends the time with each member socialising with people in the virtual world but not with each other? A situation in which young girls are self-harming because they're spending 6 hours a day comparing themselves with others online? I live by the sea - a beautiful, wonderful part of the world - but the number of people who simply don't engage with the world they're moving through because of this little square of plastic in their pocket is astounding.

There's nothing blame-y about this - yes, the corporations need a slap at what they're doing with our data and our lives - but we've got individual agency, too.


I am tempted by this more and more.

I'd be curious to hear from anyone who's tried it


There was a HN thread about it the other day, but I don't see the point of rushing out to buy a Nokia if you've already bought a smartphone; that's just doubling down on e-waste.

You can always detox your phone though. Delete all your third party apps, stay off mobile web and it's a de facto dumb phone with a battery that lasts a day instead of a week like your old razr.


I'm just over a year into it. I'm going to write this up in more detail at some point but broadly my strategy has been:

1) Keep a smartphone without a SIM in it at home on wifi for banking / 2FA / etc

2) Move everything social off it. I was never a FB user, but I'm into Twitter and news - so those two got canned, as did Instagram

3) Take work email off it. If you can't, turn off all notifications. If people want you, they'll ring you.

4) Anything you want to do, do it on your desktop - you have way more control here. I use https://heyfocus.com on "hardcore" mode, which blocks Tweetdeck, email, news, HN, whatever so I can actually get work done

5) Have a dumbphone for out-and-about use. It's painful, awful texting, no camera - but it is remarkably liberating to have moments of boredom, moments when you'd normally take a photo but can now just admire the view, moments when you have to actually "ring" someone (I know, this is apparently a thing..)

6) Never let your smartphone into your bedroom, ever

7) Put any gadgets on charge upstairs after 6pm, and leave them there on silent until the morning

It works for me. It hurts, and sometimes I slip (if I have to travel with work, I normally re-sim-ify my smartphone for maps or whatever), but in general I feel more a part of the world I'm supposed to be spending my life in, rather than down a rabbithole of virtual nothingness.

The first and easiest way to try this is simply to leave your phone at home when you go out for a period of time. Redirect calls to your partner if you need - but just try it. There's a Zen saying: "if you don't have 10 minutes to meditate each day, you should meditate for 20 minutes". If it hurts, try it for a longer period of time!


We need to articulate the changes we need from Apple & Google. Something along the lines of a) permission required for any app to use Bluetooth or BLE - preferably differentiating between whether the app is running in the foreground or background, b) a way to turn off both Bluetooth and BLE at the OS level. Then pressure needs to be applied either through public opinion or through legislative efforts.


App level bluetooth permissioning is actually planned as a part of iOS 13

https://www.apple.com/ios/ios-13-preview/features/


I actually implemented a nearly identical system for my senior design project, except we targeted the smart home ecosystem. Basic use cases would be automatically turning on/off lights or having a music stream/temperature preference/... follow you as you move throughout your house and enter/leave rooms. All implemented by an app on your phone detecting strategically placed beacons.


Haha I did a very similar thing for mine - it was using these to replace clock in systems for hourly workers, no more need to clock in or out, the app would auto detect when you entered/left the building


This isn't new. I wrote this blog about beacons back in 2015 for the NoSQL vendor Aerospike; there aren't just audio (high frequency) beacons. There are also RF and other spectrum beacons:

https://www.aerospike.com/blog/silverpush-unifies-people-dev...


The other day I had to send a video to a friend. Too big for email and FB Messenger wouldn't let him download it once received, so I ended up trying AirDrop and got a list of names of everybody's iPhone or iPad around me.

Apparently we are all telling anyone around us who cares to listen who we are.


Is there a way to determine which apps have the SDKs from Reveal or other companies?


Yes. My company (MixRank) downloads and analyzes mobile apps. Among other things, we determine what SDKs, APIs, etc, an app uses. We have 20k SDKs identified and track all of their installs/uninstalls.


I didn't know it was a secret? Figured it was pretty common knowledge back when iBeacons and similar were announced and when major retailers like Target even made press releases about it

https://techcrunch.com/2017/09/20/target-rolls-out-bluetooth...

Kind of funny that Apple pushing privacy basically helped create this kind of tracking to begin with.

Edit: NYT article mentions other apps selling data to retailers. I think it's time apps start asking permission to use BTLE. No reason a weather app needs that kind of access.


Wasn't this tracking the defining business use case going all the way back to when Apple introduced them in 2013? These devices might not be well known, but I don't think anyone was actively trying to hide why businesses were installing these things.


The less-known part is the widespread practice among app authors to just include random adtech SDKs that do all this evil stuff.


I had heard of the technology, but had no idea how widespread it was. To be honest, I had assumed it never took off.


Apple? Maybe it's the big stores and advertisers that want to know everything about everybody that are to blame?


Yes Apple. They rolled out iBeacons and created a whole toolkit on iOS that enabled tracking - at least a lot easier than it would have been.


Thanks, this makes sense, though beacon technology is not exclusive to them


So when can we start using this stuff to get indoor navigation or navigation inside tunnels to work properly? If we are being tracked we should get some benefit from it as well.


Am I understanding this mechanism right?

1. Set up a Bluetooth beacon in the dairy aisle that broadcasts as a connectable (or not?) device with an "SSID" (or the Bluetooth equivalent) that is a known GUID

2. Apps on your phone can scan for available Bluetooth devices, and see the presence of the GUID, which is enough for them to know you are in the dairy aisle of Store 1234.

If that's right, does this mean disabling Bluetooth, or restricting a device's access to scan for devices, will preclude this?


Basically it means those loyalty apps stores put out? Are you sure you know what that app is doing...?

You are right that disabling bluetooth or being aware of what apps your phone has is what is required.


You don't need the Target app to be tracked by Target, since the tracking beacon code can be in any number of unrelated apps (weather, news, games, etc.)


You can set up similar tracking yourself with an rpi, hass.io and a presence detection module that can register and track MACs on Bluetooth and Wi-Fi.


Hopefully not a dumb question...

Are there any apps / options that allow for only connecting / responding to a previously connected unless overridden?


AFAIU, on iOS disabling location access will stop apps from accessing beacons entirely, and apps have to prompt to establish this permission.


What I don't get is:

1. Pretend it's the 1900s.

Walk into a general store, shopkeeper sees you looking at ammo for 20 minutes and then leave without buying anything. Next time you walk in, he recognizes you and says he'll give you a discount on ammo if you buy in bulk.

This is totally cool, not a violation of privacy, and both parties benefit. win/win

2. Use a computer to do the same exact thing automatically

Rage, pitchforks and proverbial molotov cocktails and people going on privacy diatribes.

What's the difference?


Now, imagine instead that this store has an employee who follows you around with a notebook that quietly nods and writes down everything you're doing. At the same time, they are talking on the phone with a third party.

You hear them say, "So their name is John Smith? All right, all right, all right. What is their medical situation? Cancer, you say? Yeah, they're looking at razors right now. They are wearing the new Nike shoes. Just sneezed. Again. They are looking at allergy medication now."...

Then you look around and notice that every person in the store is followed by one of these employees.

You freak out a little bit and leave the store. The next store has the same kind of employees. As soon as you enter, the phone rings. The employee from the previous store calls your new "supervisor". On the phone, you hear a voice describing everything you've just done next-door.

This is what this situation would look like in an imaginary world of the 1900s.


You're on HN and "What's the difference" is really your question? 1. Friendly private human interaction shared by two people. 2. Data is collected, sent, analyzed, sold, shared, distributed, stolen, and abused in order to maximize profit across expansive markets at the expense of any respect for the user's privacy. The user is tracked, distracted, and tricked into obeying algorithmic market forces of massive and opaque breadth. Every piece of data ever accrued is collected and stored in order to create an invasive profile of a user's movements, decisions, actions, and relationships, so that predictive programming can be implemented in attempts to guess the state of the user's mind prior to the user coming to these conclusions, or at least to convince the user that this is what the user wants. The end goal is technology that effectively usurps the user's free will, so that the user is completely reliant upon it for basic decision-making. The goal is to destroy free will. A society in which every individual action is known by governments and corporations is not a healthy society. It is an electronic prison.


This just seems like such absurd hyperbole I can't tell if you are serious or not. "technology that effectively usurps the user's free will" "electronic prison"

I don't believe any of this. Nobody can usurp my free will no matter how much data they have on me. Heck, even if I told them every last piece of private information I knew about me, I doubt they could increase my spending even 1% more than I currently am with all the coupons and targeted advertising and subliminal marketing in the world.


I'm glad that you feel you are immune to these advances. That doesn't change the corporate agenda though. They want you to buy their stuff. You, me, everyone. They pay loads of money to teams of people dedicated to utilizing the latest technologies to bend your will to their desire, with whatever tricks their minds may conjure. They work in concert with others doing the same. It's "just business".

We have a global population that is addicted to their phones. A great deal of their worldview is shaped on a daily basis by a small illuminated screen that fits in the palm of the hand, full of deception and manipulation, which goes well beyond grocery shopping. The phone is an ideal espionage tool since, for most people, it is turned on and broadcasting constantly, and always at its user's side. I mentioned "electronic prison", scaling out from this, in the sense that law-abiding citizens are under constant surveillance, similar to inmates in a prison. We have the ability to move around of course, but we can hardly do so without being watched, which does not equate to actual freedom. The human experience is being overrun by addictive technology that manipulates our will through mechanisms that are totally unknown by the average user. It may seem like hyperbole because its full effects have not yet been understood. It's not like this is the end: this is just where we are today. The intrusion into our lives will only escalate.


1. Pretend it is the 1970s in East Berlin and someone follows you around, noting down every interaction you have with other humans and every bit of media you consume and collects this information in a file somewhere for future use. This is the horrifying and oppressive surveillance machine of a paranoid dictatorship.

2. Use a computer to do the exact thing automatically today. This is just the natural state of the world, nothing to do anything about it, move along.


There is a clear difference between 1970s East Berlin and now. Stasi spying propped up a system that provided a relatively low standard of living and a limited availability of consumer goods. Modern tracking of customers fuels a vibrant customer-good market that is a win-win for everyone.


I don't think it is ok for any entity to make notes of when you buy condoms and then spend the night at an address you don't live at and infer whatever it infers from that and then sell this information to any other entity to do whatever it pleases with marketing or otherwise. Even if I make more money than the X% who still have a worse material standard today than the median East Berliner.


Except this technology is being used in China today to monitor the bulk of every purchase, every internet site visited and every message sent and received.

The Stasi hid cameras in handbags and behind buttons but regimes operating today do not need to operate in such coarse ways.


Human, local, and friendly interaction vs mega corporation using a profile they built without asking that has pulled as much information on you as possible while simultaneously using algorithms trying to determine how to get you to buy as much stuff as possible and pushing advertisements right to your phone.


The computer is doing it invisibly so you're creating a huge and compounding information asymmetry. You think you're a good person so that's fine, but someone more ruthless than you will exploit it.


It would be like if that shopkeeper also followed you around town, followed you home, noticed what you read, tracked when you fell asleep, read your diary, and opened your mail.


It's rage-inducing because the 1900s shopkeeper doesn't keep a book about you specifically, note down your presence to the last second, follow you home or into other establishments, etc. Also his memory is not accurate and there is no tangible proof (it's just his word after all), so nobody can download his memory if they want to spy on you for whatever reason (dissident, whistleblower, etc.)


Honestly, part of this doesn't bother me that much. It doesn't bother me for a store to know where I'm standing while I'm in their store.

What does bother me is the part where they can get lots of other data and use it to build a profile of me that spans far beyond their store. The fact that this Pulsate company encourages devs to include my email address, for example, seems really invasive, and probably would be illegal under the GDPR?


How do they actually make money?

Merchandising isn't rocket science. I wonder if there is real ROI?


Not if I keep Bluetooth turned off, which I usually do. Admittedly this is easy for me since my phone still has a headphone jack.


You may have been misinformed about the effectiveness of keeping Bluetooth "turned off".


I also keep Location History and Bluetooth scanning off, just because I want less Google in my life. Apparently those are important too.

[0] https://qz.com/1169760/phone-data/


Mass background tracking is becoming the de facto leading industry.


>Location marketing aims to understand “online-offline attribution.” If a Starbucks coffee ad is sent to your email, for example, marketers want to know if you actually went there and bought a coffee. The only way to know is to monitor your online and offline habits at all times.

Make no mistake: the purpose of marketing is to maximize information asymmetry. The natural end point is totalitarian: they know everything about you, and you know nothing at all, blindly obeying.


That is not the purpose of all marketing. That might be the purpose of this kind of tracking, but I don't think telling people the product you created to serve their need is inherently evil.

At its best, marketing is a way to let people know the goods and services you have that can make their lives better.

This is marketing at its worst.

I really enjoy this explanation of why targeted advertising is such a horrible thing:

https://zgp.org/targeted-advertising-considered-harmful/


I think positioning any kind of advertising as "helpfully informing" consumers is wrong. The ad wants me to buy the product. That's its purpose. No matter if it's bad for me. No matter if it's useless, or overpriced, or a competitor makes a better one. If a product I happen to buy because of an ad is actually the best use of my money, that's nothing more than a happy coincidence. No ad ever gave a list of reasons why you shouldn't buy a product.

When someone clearly lists the merits of a product without conflict of interest, then that does indeed let people know what goods and services make their lives better. We have a different word for that - a "review". The purpose of an ad, by definition, is not to inform - the purpose is to persuade. They are opposites.


> This is marketing at its worst.

This is marketing at its real. As practiced.

> I don't think telling people the product you created to serve their need is inherently evil.

Of course it isn't evil, but this is not what marketing is doing - and claiming so amounts to a motte-and-bailey defense of an industry that's rotten to the core and quite openly malicious towards their fellow human beings.


I am not defending these practices at all, I am just saying the idea of marketing is not inherently evil.

I also think you are being unfair if you say there are zero companies that do marketing right.


"I am just saying the idea of marketing is not inherently evil."

And probably most of us, including me, would agree. The problem is when the market is saturated with goods compared to buyers so that more aggressive methods - read: lies and subtle psychological tactics - are used to convince those buyers they need this or that product when they actually don't. Which becomes even more evil when the product is something potentially harmful such as unneeded food, medicines, anything that will be soon thrown away creating more pollution, etc. The problem isn't marketing by itself, but the total disregard for moral issues that can and will make it harmful once overproduction and saturated markets get us to a point where lying is the only way to keep businesses alive.


I won't go so far as to say there are zero companies doing ethical marketing, but I am convinced there are very few of them - simply because ethical marketing is at severe competitive disadvantage to unethical one.


You were the first person to call the idea of marketing evil here.


Correct. In capitalism, marketing is the bidirectional flow of information correcting the asymmetry from inefficient markets. This manifests as branding, advertising, affiliate, etc. in the consumer direction and research, surveying, tracking, etc. in the seller direction.

It is the opposite of what GP is saying here, despite their doomsaying at their own revelation that retailers are listening to the broadcasting device consumers bring onto their property to better understand them.


Advertising/marketing word differences aside, when you put all of this into a bid based auction marketplace, the results for customers are pretty ugly. The flipside is that when a company over-optimizes their ad campaign and the margins of their product, there is no word of mouth and customers leave quickly because eventually the product is complete shit.


That's the purpose of targeted advertising, not marketing.


This is one of the reasonable justifications for shoplifting.


Yet another reason to just shop online or at mom-and-pop shops.


You know tracking customers is a hell of a lot easier online. Mom-and-pop shops are probably the only way to go to avoid being targeted now.


> Mom-and-pop shops are probably the only way to go to avoid being targeted now.

Yeah, and pay cash before they get rid of it and make us all pay for everything with wechat bucks or whatever.


Mom and Pops are likely using this technology too.

Location analytics are a built-in feature of many sub-$300 access points.


A provocative thought experiment: are you more annoyed by retailers recommending a product you just purchased from them, or a retailer recommending a product you probably will need soon? In a world blanketed by advertising, I would rather see relevant advertisements than be bombarded by garbage. Maybe I will get a deal, maybe I will discover something I like, maybe I will ignore it... but the spray-and-pray untargeted advertising that tries to advertise arthritis medication to me as a 31-year-old man is guaranteed only to annoy.


> Maybe I will get a deal, maybe I will discover something I like

This is what the ad industry exploiting the fear of missing out [1] looks like when they tout the virtues of "relevant ads". You might draw a comparison with casino marketing to gambling addicts, alcohol to alcoholics, etc -- it's rather slimy.

[1] https://en.wikipedia.org/wiki/Fear_of_missing_out


In isolation, I'd prefer the better targeted advertising.

In reality, I'm not comfortable with the amount of privacy violation getting that targeted ad requires.


I find highly relevant advertisements creepy. A sort of advertising uncanny valley. I'll take the minor annoyance of a garbage ad bombardment any day over, what is to me, the much more concerning feeling of being surveilled.

