Mall kiosks gather email addresses and phone numbers, and it’s not all about your security
Phone charging lockers — the kind you’ll find in malls, airports, and stores like Banana Republic — solve a simple problem. They let you charge your phone without tying you to a wall socket, so you can run your errands without the persistent concern that you’ll run out of juice. They’re almost always free, but there’s a catch: These kiosks take your picture and require you to turn over personal information like your email address or phone number.
For starters, the businesses these kiosks are in can use them as a stealthy way to sign you up for loyalty programs to keep you hooked after you leave the store. Companies like ChargeItSpot and InCharged, for example, sell charging lockers that companies can rebrand with their own logo. In ChargeItSpot’s case, part of the deal with those merchants includes sharing the email address and phone number with the merchant when you sign up.
“The phone number is the thing that they can then use with data brokers to figure out exactly who you are.”
With this information, stores can sign customers up for mailing lists. While it’s not uncommon for a cashier to ask for your email address or phone number when checking out, it may prompt you to ask, “What do you need that for?” On the other hand, entering your contact info into a kiosk where you’re about to lock up your phone seems like a no-brainer. What if it gets stolen? They need a way to contact you!
Things get even hairier when it comes to your phone number. Jen King, director of consumer privacy at Stanford University’s Center for Internet and Society, explains that you should think twice about giving up your digits when these kiosks ask. “We don’t ever change our mobile phone numbers, so they become an identifier. In some ways almost like your social security number.”
“While the email itself could potentially not tell them a lot about you, that phone number is gold,” King continues. “The phone number is the thing that they can then use with data brokers to figure out exactly who you are.” Entering your phone number into a kiosk to charge your phone makes just enough sense that you might not think about it too much. Your email and phone number could serve as a sort of makeshift username and password to prevent someone else from picking up your phone.
For you, these kiosks may just be a convenient way to get extra juice. For stores, they’re a powerful way to boost sales and keep you coming back.
But it’s easy to imagine ways these kiosks could be secured without asking for personal information. Lockers in amusement parks use keys that customers can put on their wrists. A digital system could let users create a unique, short-term code. Because these kiosks ask for multiple pieces of personal information as credentials, it’s hard to overlook the ulterior motive: data mining.
ChargeItSpot even makes this a key feature on its website, where it advertises lockers to merchants. “Gather valuable data, like phone numbers and email addresses,” the site promises retailers. In fact, the company touts a host of benefits for retailers, including more sales, more time spent in stores, and better marketing data. For you, these kiosks may just be a convenient way to get extra juice. For stores, they’re a powerful way to boost sales and keep you coming back.
A similar New York-based charging kiosk, LinkNYC — which doesn’t allow you to leave your phone locked up but does have the added bonus of public Wi-Fi access — takes video footage of its customers. The company tells OneZero that video is stored in a secure database, automatically deleted after seven days, and only accessed or shared if the company receives a valid subpoena or court order. According to the company’s transparency reports, this hasn’t happened once since 2017 (the year the transparency reports began).
Of course, ChargeItSpot, LinkNYC, and InCharged are far from the only companies that operate charging kiosks and lockers, and digging through the privacy policies of each and every one is a task no consumer could be expected to perform. Especially when in the middle of shopping or waiting at the airport.
The upside is that, for now, companies seem aware that employing facial recognition software or selling your photos would be a huge breach of trust. The downside is that you’re still probably signing up for a mailing list or handing off your phone number for marketing when you use them. Once again, the adage rings true: If it’s free, you’re probably the product.
All Rights Reserved for Eric Ravenscraft