4
Tim Hortons App Violated Laws In Collection of 'Vast Amounts' of Location Data -...
source link: https://yro.slashdot.org/story/22/06/01/237258/tim-hortons-app-violated-laws-in-collection-of-vast-amounts-of-location-data
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Tim Hortons App Violated Laws In Collection of 'Vast Amounts' of Location Data
Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!
binspamdupenotthebestofftopicslownewsdaystalestupid freshfunnyinsightfulinterestingmaybe offtopicflamebaittrollredundantoverrated insightfulinterestinginformativefunnyunderrated descriptive typodupeerror
Do you develop on GitHub? You can keep using GitHub but automatically sync your GitHub releases to SourceForge quickly and easily with this tool so your projects have a backup location, and get your project in front of SourceForge's nearly 30 million monthly users. It takes less than a minute. Get new users downloading your project releases today!
×
An anonymous reader quotes a report from CBC News: The federal privacy commissioner's investigation into the Tim Hortons mobile app found that the app unnecessarily collected extensive amounts of data without obtaining adequate consent from users. The commissioner's report, which was published Wednesday morning, states that Tim Hortons collected granular location data for the purpose of targeted advertising and the promotion of its products but that the company never used the data for those purposes. "The consequences associated with the App's collection of that data, the vast majority of which was collected when the App was not in use, represented a loss of Users' privacy that was not proportional to the potential benefits Tim Hortons may have hoped to gain from improved targeted promotion of its coffee and associated products," the report read.
The joint investigation was launched about two years ago by the Office of the Privacy Commissioner of Canada in conjunction with similar authorities in British Columbia, Quebec and Alberta. It came after reporting from the Financial Post found that the Tim Hortons app tracked users' geolocation while users were not using the app. According to a presentation to investors shared in May, the restaurant chain's app has four million active users.
Tim Hortons was using a third-party service provider, Radar, to collect geolocation data of users. In August 2020, Tim Hortons stopped collecting location data. However, the investigation found that there was a lack of contractual protections for users' personal information while being processed by Radar. The report describes the language in the contractual clauses to be "vague and permissive," which could have allowed Radar to use the personal information collected in aggregated or de-identified form for its own business. [...] The report states that Tim Hortons also agreed to delete all granular location data and to have third-party service providers do so as well, as per recommendations from the privacy authorities. The company also agreed to establish a privacy management program for its app and all future apps to ensure they are compliant with federal and provincial privacy legislation. Given these remedies, the report found that while the Tim Hortons app was not compliant with privacy laws, the company has since taken measures to resolve the issues. "We've strengthened our internal team that's dedicated to enhancing best practices when it comes to privacy and we're continuing to focus on ensuring that guests can make informed decisions about their data when using our app," a statement from Tim Hortons released on Wednesday said.
The joint investigation was launched about two years ago by the Office of the Privacy Commissioner of Canada in conjunction with similar authorities in British Columbia, Quebec and Alberta. It came after reporting from the Financial Post found that the Tim Hortons app tracked users' geolocation while users were not using the app. According to a presentation to investors shared in May, the restaurant chain's app has four million active users.
Tim Hortons was using a third-party service provider, Radar, to collect geolocation data of users. In August 2020, Tim Hortons stopped collecting location data. However, the investigation found that there was a lack of contractual protections for users' personal information while being processed by Radar. The report describes the language in the contractual clauses to be "vague and permissive," which could have allowed Radar to use the personal information collected in aggregated or de-identified form for its own business. [...] The report states that Tim Hortons also agreed to delete all granular location data and to have third-party service providers do so as well, as per recommendations from the privacy authorities. The company also agreed to establish a privacy management program for its app and all future apps to ensure they are compliant with federal and provincial privacy legislation. Given these remedies, the report found that while the Tim Hortons app was not compliant with privacy laws, the company has since taken measures to resolve the issues. "We've strengthened our internal team that's dedicated to enhancing best practices when it comes to privacy and we're continuing to focus on ensuring that guests can make informed decisions about their data when using our app," a statement from Tim Hortons released on Wednesday said.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK