Thursday, March 29, 2012

Just because you can, should you?

So I was surprised today to register a colleague's iPhone to use some web-based software. The company that provides the control panel we use lets me set register his name, username and password and a bunch of other things like address and phone number. All seems reasonable, at least it's normal.

But what pulled me up short was when I noticed the other details associated with the mobile device. This control panel makes a note of some things that seem slightly creepy:
  • Device type (iPad)
  • Carrier
  • Model (iPad2,2)
  • IMEI (the device's unique hardware address)
  • Location (the GPS co-ordinates where the user first registered the device)
I showed this to colleagues and pointed out that I now knew where one of them lived (he'd registered his device one evening instead of in the office, as had I; one of our clients had registered from his client's site, so I now know who that is).

We don't know how we feel about this - on the one hand, it seems that no harm is done and nothing is lost. But on the other hand, it feels a bit weird to see a photo of my house next to its GPS co-ordinates by clicking through this control panel that I've only used for business purposes. Especially when I was not made aware that this personal data was being harvested automatically.

It's left me thinking of the balance that we need to strike in pushing out new systems. Just because we can do something doesn't mean to say that we should - especially when there's no business benefit given to the user or the consumer of the service. In this case it just seems that the information is being gathered gratuitously.
Get more like this