Permission Critical

Posted on October 3, 2017

The balance between privacy and utility in mobile services and applications seems to get more delicate with every passing month.  So much of what we do in our connected lives can now be used to fine tune both the services we choose to use and the ability of numerous organizations to better understand us for their own benefits.

Where services can be improved by sharing personal information, I suspect many people would be content to give up a little more. I would have been quite happy some months back, for example, for Google to know that I had bought a washing machine. It had correctly identified I was in the market, and began showing me relevant ads. I was happy enough with this until I actually bought one, because Google kept on peppering me with those ads for weeks afterwards.

It would have been good to fire off a message: “Hey Google! I wanted a washing machine to do laundry. I’m not a collector.”  

Opting out of sharing personal information entirely may be possible but seems unrealistic. So what’s really important for all of us as individuals is that we have the information we need to make decisions about what we share and the ability to act effectively upon those decisions.

The introduction of the General Data Privacy Regulation (GDPR) in EU markets next year is helping to bring these issues into focus for many companies, Devicescape included, which are innovating in location-based B2C advertising and marketing.

Among the most important elements of the GDPR are the ability of the end user to easily identify any organization which may hold data relevant to them (and understand what that data is), and the ability of the user to clearly provide or withhold consent for any services based on data such as location, as well as data collection activities.

Of course the GDPR is a world more complex but, in essence, it is concerned with giving all of us clarity and control so we can make informed choices.

At Devicescape we are committed to being compliant with GDPR ahead of its introduction. Just as important, we want to be absolutely clear about what it is that our proximity marketing solution — Devicescape Engage — does and doesn’t do, and what we understand about consumers.

  • So, what do we do?

We give popular brands the ability to send advertising and engagement messages to end users’ smartphones, based on their location.

Smartphone apps embed our software so they can earn revenue by delivering these messages through their apps. Anyone receiving messages, has installed one of these apps on their smartphone and accepted the necessary terms and conditions.

  • How do we derive location?

Our software looks at nearby Wi-Fi networks and figures out location based on that information.

  • What else do we know?

Actually we don’t know anything about individuals, personally. We don’t know their name, address, or any of their contact details and we won’t ask for them. We don’t know anything about internet browsing, or other smartphone-based behavior, and we can’t read any messages, or other device content.

Consumers have the option to share their age and gender so we can tailor campaigns to ensure relevance, and sometimes we may require them to declare they are within a certain age group where messages relate to age-specific products. But sharing this information is never mandatory and consumers can always opt out.

We do assign a unique ID to each device, and we do collect the device’s advertising identifier (IDFA for iOS and Ad ID for Android; anonymous and provided by the OS)

We know which Wi-Fi networks a device has been in range of and we use that information to understand the different locations where the device has been.

We also understand which of our partners’ advertising messages have been engaged with on any given device.

  • What do we do with this information?

We use it to make Devicescape Engage a better product by improving the relevance of the advertising messages we deliver, and to understand footfall at different public places. The better the product, the better the consumer experience.

  • Do we supply this data to other companies?

Advertisers get to see response rates for their campaigns. In some instances we may also supply some of those anonymous advertising identifiers, so advertisers can provide relevant advertising across a range of platforms.  

In terms of GDPR we are working with our app and advertising partners to ensure we’re compliant across the board. The slides below provide more detail on what we’re doing to achieve that compliance. Of course, as for all companies affected by GDPR, this is a continuing process and important developments are still to come; not least some key guidance expected later this year.                                                                                                                                                                                                That said, it is patently clear that the privacy and rights of the consumer have to be put first. Anything else won’t wash.


Slide1 Slide2 Slide3 Slide4 Slide5 Slide6