In Canada, it turned out that the super popular cafe `` Tim Hortons'' over Starbucks Mac was illegally collecting personal information



On June 1, 2022, the

Office of the Privacy Commissioner of Canada (OPC) , a privacy monitoring agency organized by the Parliament of Canada, collected a huge amount of location information from Canada's leading donut chain Tim Hortons. Announced that it violated the privacy law of Canada.

News release: Tim Hortons app violated privacy laws in collection of'vast amounts' of sensitive location data --Office of the Privacy Commissioner of Canada
https://www.priv.gc.ca/en/opc-news/news-and-announcements/2022/nr-c_220601/

Tim Hortons is Canada's largest fast food chain, with twice as many stores in Canada as McDonald's and a big difference over Starbucks, which has the second largest share of cafes. Tim Hortons is sometimes regarded as a symbol of Canadian culture because of its popularity as it has virtually completely eradicated Canada's independent donut stores.



A joint study by the Government of Canada and the privacy authorities of several states revealed that the Tim Hortons app tracked and recorded user movements every few minutes, even when the app wasn't open. rice field.

According to the OPC that reported this issue, the Tim Hortons app asked for permission to access the location feature during installation, but users were misunderstood that 'location information is only collected while the app is in use.' It was said that it was. However, in reality, it was always tracking the user's movements while the device was turned on.

Research has shown that Tim Hortons used location information gathered from users to infer the user's address, place of employment, travel destination, and so on. In addition, Tim Hortons recorded what happened as an 'event' every time a user entered or exited their home, workplace, competitors or sports venue. Initially, Tim Hortons was collecting this data with a plan to use it for targeted advertising, but even after the plan disappeared, it continued to collect location information for a year without good reason.



OPC Commissioner Daniel Therrien said, 'Tim Hortons has clearly crossed the line by accumulating a large amount of highly confidential information about its customers. It tracks people's behavior on a minute-by-minute basis every day. That's clearly improper surveillance. The incident re-emphasizes the potential damage caused by poorly designed technology, along with the need for strong privacy laws to protect the human rights of Canadians. ' He said that Tim Hortons' location information gathering violates Canadian privacy law.

On the other hand, Tim Hortons said, 'The collected location information is used only for limited purposes to analyze user trends such as whether the user has switched to another coffee chain or changes in movement due to a pandemic. I haven't done it. '

Following the findings, four Canadian privacy authorities, including OPC, have made three recommendations to Tim Hortons:
-Delete the stored location information data and instruct the third party who sold the data to delete it.
• Develop and continue a privacy management program. In addition, the program includes 'evaluation of the impact of the app itself and other apps that the app launches on privacy' and 'within the range that requires information gathering, and is commensurate with the predetermined impact on privacy. Include 'the process of verifying that' and 'privacy-related communication consistent with app practices.'
• Report details of the steps taken to comply with the recommendations.

Tim Hortons has agreed to implement the recommendation.

in Mobile,   Web Service,   Junk Food, Posted by log1l_ks