I have been having some issues with my Bose products lately, both my headphones and my Revolve+. What is going on is that I am not able to play sound from certain apps on them some of the time. Some apps will play sound all of the time. The list is not exhaustive but here are some examples of apps that do/ do not work all of the time:
Do NOT Work All of the Time
Do Work All of the Time
Anyway, very confusing that they are not working. I went to contact Bose about the issue and filed a bug in their online form and this is where the business idea comes in.
Neat Does Not Mean Good
Now, to be totally clear I am on the fence on how this makes me feel. I also want to make it perfectly clear that something I consider “neat” isn’t necessarily something that I consider “good”.
I have done a search and it’s legal even in the case of GDPR, but having this sort of tracking done, or being aware that it is being done, kinda makes me feel strange. Or it did until I considered that we already do this with IP addresses and websites. I further went down the rabbit hole of reading this part of the GDPR:
1. Behavioural analysis
Recital 24 states:
The processing of personal data of data subjects who are in the Union by a controller or processor not established in the Union should also be subject to this Regulation when it is related to the monitoring of the behaviour of such data subjects in so far as their behaviour takes place within the Union. In order to determine whether a processing activity can be considered to monitor the behaviour of data subjects, it should be ascertained whether natural persons are tracked on the internet including potential subsequent use of personal data processing techniques which consist of profiling a natural person, particularly in order to make decisions concerning her or him or for analyzing or predicting her or his personal preferences, behaviours and attitudes.
Looking at “behavioural” led me down the path of how this statement relates to 3rd party cookies and affiliate websites. That’s about the time when I had a stack overflow and stopped looking into this. After the reboot, I remembered the GDPR parachute: consent.
In any case, I think there is some value to having even mac or IP address tracked in a safe way and that is knowing your unique visitor count in stores. There might be some additional steps that you would have to do to anonymize the data during collection (i.e. one-way hashes). You would also need to resist the urge to link that data to behavioural information, for example tracking an IP address and your food choice would probably not be a good idea (see what I did there? If not, read it again please).
Properly anonymized though you could get a valuable stat that you could follow up on, which is: unique visitors to your location. You could collect this without a EULA and make some inferences.
If you have a lot of unique visitors you can determine that you are not getting repeat customers. You could do some investigation to see why customers are not coming back in the form of customer surveys. I really hate those things, but I do fill them out if I like the place and I am assuming I am “like most people”…so you would really have your target audience, the ones that give you repeat business, answering what keeps them there.
Neat Business Idea
Okay giant rabbit hole completed, the business idea is this: a wifi provider that services restaurants and collect information such as:
- Unique visitor count
- Browsing Data (this one feels icky, probably the easy route)
- You’d probably want to look at this from a “target demographic” perspective, have the restaurant identify if it wants people that search Forbes, YouTubes, Google, Apple, etc. and anonymize the data somewhat that way
- You could probably work this in the EULA that you provided to get the raw data if you felt okay about that
- Statistic for Good: Number of sites visited and/ or time spent on their phone
- If people are always on their phone maybe you need some live music or ways to encourage them to interact with each other.
- Interaction and happy experiences would increase stickiness to your restauraunt…so maybe you need a trivia game? Or some sort of table game that would help keep them engaged with each other, happy and thus keep coming back
When using the wifi the user would be provided with a EULA that would comply with the consent section of the GDPR. If you feel icky about that you can always say “no”, but remember how many cookies your browser eats a day and how happy you are with that. Mmmmm, cookies.
If you do decide that this is your next business take a look at Google’s myaccount page. You might not need to go too far down here initially but it will give you a good idea of the considerations.
I also looked around for similar information on Apple’s site however was not able to find it. I did find an interesting article that suggests this information may be a bit spread out over Apples’ services. As I mentioned recently they are currently large Amazon customers and this information may be spread out over a number of smaller services.
- Bose Privacy:
- RealNext: https://privacy.retailnext.net/
- GDPR Mac addresses: https://www.gdpreu.org/the-regulation/key-concepts/personal-data/
- Stack Overflow: https://stackoverflow.com/
- GDPR and Consent: https://gdpr-info.eu/issues/consent/
- C is for Cookie – https://www.youtube.com/watch?v=Ye8mB6VsUHw
- Google MyAccount – https://myaccount.google.com
- Comparison of Data Collected Response Times – https://www.zdnet.com/article/apple-data-collection-stored-request/