Navigating the Moral Maze of Location-Aware Tech

May 2018 saw websites across Europe, and many beyond, scrambling to ensure compliance with the EU’s General Data Protection Regulation (GDPR). Banners stating ‘We value your privacy’ became a regular feature of browsing from Europe. Forms requesting visitors’ consent to be tracked started to mushroom around the Web; dubiously compliant ones are shamed on social media to this day. Some sites decided that Europeans were no longer worth the effort, and blocked them from accessing any content.

 

It’s enough to make you want to close the Web browser and go out for a walk—but the geography of our physical environment is increasingly becoming another important digital space. When people started navigating with Google Maps, businesses had to make sure their customers could find them. During the Pokémon Go craze, footfall in shops and attractions could be boosted by a smartphone game.

 

These new opportunities have brought new problems too. ‘Local businesses on Google Maps aren’t always as local as they seem,’ begins an article on techniques fraudsters have used to exploit the service’s business listings. ‘Uber used a secret spyware program to steal drivers from an Australian competitor with the aim of putting that company out of business,’ comes news from the app-based rideshare industry. Location-aware tech is in its early, experimental stages: we don’t know yet which aspects will in the long run be as essential as a Web presence and e-mail address, and which will end up as passé as a business presence in Second Life. And we don’t know what lawmakers and regulators will then make of it all.

 

We can make some educated guesses, however, by looking at measures to tame the former ‘Wild West’ of the Web. Concerns about online privacy gave rise to the GDPR, and the GDPR has obliged many sites to disclose how their visitors can be tracked and profiled. What that portends for location-based services has been a vexed question: even companies using GPS to track delivery drivers, for example, have been urged to consider the legal justification for collecting the data.  Before the Regulation was introduced, the International Association of Privacy Professionals could advise only that ‘the GDPR is not clear on the definition of location data, nor does it give specific guidance for how to handle it’. We probably haven’t heard the last of this, in Europe or outside it.

 

So let’s shift from regulatory compliance to look directly at ethical risk. You might reasonably think that people entering business premises—a shop, for example—have quite limited expectations of privacy: that of course they know they’ll be seen by other people and maybe even recorded by CCTV. From there it might seem no great leap to tracking people by their mobiles. Yet surveys revealed public mistrust as long ago as 2014. The UK’s Information Commissioner was issuing warnings about the practice in 2016. What businesses do with location data today isn’t just about complying with existing law: there’s an observable trend in public concern about tracking, and a responsible business can respond to that right away instead of compromising its reputation later. Clearly explained opt-ins, equally clear ways to opt back out, and scrupulous avoidance of ‘dark patterns’ all help to preserve moral hygiene.

 

What about individuals’ behaviour towards businesses, or businesses’ actions towards competing businesses? Premises are no longer just what the eye can see: they’re what machines are saying about the occupant. ‘Why will abusers and trolls bother spray-painting a house,’ asks one legal scholar, ‘when they can geo-tag it maliciously?’ What affects a house can affect a business too—but the ethically tricky cases for business arise not from ‘abusers and trolls’ but from competitive strategies: ‘Some retail and hospitality businesses will set up geofences around their competition, so when you approach the boundary, you’ll get a push notification prompting you to visit the other establishment.’

 

There are risks attached to such strategies too: get too pushy with your push notifications and you might end up linked in the public mind to the anti-abortion activists who used geofencing to contact women visiting health clinics. Indeed, the public probably doesn’t yet have a settled opinion about geofences and how they can be used; what early adopters are doing will shape how the technology is perceived.

 

Streams of data have been compared to a bloodstream for the ‘smart cities’ of the emerging future. Location-based technologies promise to upend how we think about the places we inhabit: to add layer upon layer of data on top of the physical geography. However, when all it takes is a smartphone app to mix real places with Augmented Reality content, ‘what about adverts for alcohol, or dating sites, or porn? How are the courts going to deal with copyright infringement, or the safety of AR tourist attractions, or taxing products that do not actually exist in the real world?’ To a large extent we don’t know yet, and anyone seeking opportunities on these new frontiers will have to deal with that—but this means ethically responsible businesses have their chance to participate in shaping the answers.

 

 

Robert Seddon, a member of the Virtue network, received his PhD in philosophy from Durham University, where he remains an Honorary Fellow and a member of the Centre for the Ethics of Cultural Heritage. His published research has ranged from migration, to video games, to space exploration, with a focus on ethics and culture.

 

Robert Seddon, Ph.D.