The privacy-sensitive had a real scare before the 2012 Olympics when a digital startup located recycling bins on London streets that accepted a bloke’s drained Newcastle Ale cans and then, if he had his phone on, followed his trail to the local pub and thence to the neighboring police constabulary. This was accomplished by tracking the media access control (MAC), which is transmitted willy-nilly by devices seeking Wi-Fi connections, tracking a person’s movements and locations even if no connection is ever consummated. At least two companies—Euclid and Nomi—bake their bread offering such services to clients. No personally identifiable information gets transferred, just the singular MAC identifier, but that’s enough for retailers to track customer movements and infer certain things about the owner of the address, such as shopping habits and product preferences
It’s also enough to really tee off the average mobile phone user who may be OK with receiving location-based offers from a store whose app he downloaded, but is skeeved about being digitally followed by no one in particular. Apps you can dump in the digital dust bin. Brand relationships you can opt out of. But you can’t opt out of a MAC address. It’s inextricably linked to the device’s hardware ID. “If you’re data is hacked through the MAC address, the only thing you can do is throw your phone away,” says Drew Breunig , VP of strategy and mobile marketing services provider PlaceIQ.
But the worries of the privacy paranoid will be assuaged this fall, when Apple introduces iOS8. The new operating system will randomize the MAC code each time it connects with Wi-Fi, making it impossible to track iPhone or iPad users over time. (MAC addresses on other operating systems will still be able to be followed.) This is also good news for marketers, since it begins the removal of one of consumers’ biggest fears about data collection.
“MAC addresses are a world of hurt for marketers,” Breunig says. “If Apple hadn’t come in and changed this, it would have run afoul of legislation sooner or later. Anytime someone goes public about using this stuff, like with the trash cans in London, it almost always ends up rolling it back.” Following consumer backlash, London courts issued a cease and desist order to Renew London, placers of the offending trashcans.
Apple got burned by users before over MAC addresses, when it stored unencrypted data about Wi-Fi addresses. It learned, and made the subsequent correction in iOS 8. Euclid, Nomi, and other companies like them will also have to shift gears, especially if Android operating systems follow suit. But, for marketers en masse, it’s one less obstacle blocking their way to one-to-one connections with customers.
“This may cause short-term pain for some people, but in the long term I think it’s good for everyone else,” Breunig says. “This delays regulation for years.”
