Customer-tracking vendor Nomi Technologies failed to give in-store customers an adequate chance to opt out of being tracked through their smartphones, according to a settlement announced on Thursday (April 23) with the U.S. Federal Trade Commission.
The FTC charged that Nomi’s privacy policy said it would give consumers who didn’t want to be tracked a way to opt out online and in-store. Instead, for nine months in 2013, Nomi provided no way of opting out in-store and didn’t tell customers — or other people who were tracked because they were just passing near a store — that they were being tracked at all, the FTC said. (Nomi did offer the online opt-out option on its website.)
New York-based Nomi was acquired by retail analytics company Brickstream last year. But in 2013 it was a startup with $3 million in funding that promised brick-and-mortar retailers it could let them track customers in-store as accurately as on a website, using the Wi-Fi signals from each customer’s smartphone.
Nomi’s problem wasn’t the tracking, but the fact that it didn’t follow its own privacy policy. That made the opt-out promises false and misleading, according to the FTC.
The company collected data on roughly 9 million smartphones between January and September 2013, and provided about 45 retail chains with insight on customer behavior based on the anonymized data, such as the percentage of consumers who passed the store compared to those who entered, average duration of consumer visits, types of mobile devices used by consumers, percentage of repeat customers, and number of customers who visited multiple stores in the same chain.
Under the settlement agreement, Nomi won’t pay a fine and isn’t admitting wrongdoing. But the company agreed to abide by its privacy promises and not misrepresent consumers’ options to block being tracked. Nomi said in a prepared statement that it updated its privacy policy to meet those requirements more than a year and a half ago.
Nomi will also retain copies of everything related to its privacy policy — including customer complaints — for five years, and respond to FTC requests for status reports within 10 days. If there are no further violations, the consent order will expire in 2035.
We’re always on the lookout for opportunities to partner with innovators and disruptors.
Learn More