Tim Hortons Misled Customers Over Location Privacy – ‘Badly Designed’ App Users Tracked 24/7


Tim Hortons Canadian Coffee and Donut Restaurant was politely reprimanded by the Office of the Privacy Commissioner of Canada (OPC). Always fresh.

Timmies’ app kept tabs on your location— even when it wasn’t open, the OPC says, collecting “large amounts” of personal data. Worse still, the Canuck Company entered into a contract with a location service provider in a way that, at best,looks as shady as a livelier snowbird in a toque.

But how important, really? In today’s SB Blogwatch, we go up the ante.

Your humble blogwatcher curated these blog bits for your entertainment. Not to mention: HRH for 70 years.

You always have time for confidentiality

What are you saying, huh? Ismail Shakil reports—“Tim Hortons app tracked movements in violation of privacy laws”:

Poorly designed
Canadian coffee chain Tim Hortons’ mobile app routinely tracked and logged its users’ locations even when their app wasn’t open… Canada’s privacy regulator said… concluding a two-year-old investigation year. … the OPC said [it] highlighted harms that can result from “poorly designed technologies”.

Privacy authorities have recommended that Tim Hortons delete all remaining location data. [The] the company accepted the recommendations. … Tim Hortons said it removed geolocation technology from the Tims app and location data from it was never used for personalized marketing to individual users.

Oh! Canada. Jim Bronskill adds—“The app has collected large amounts of sensitive data”:

Third-party location service provider in the United States
People who downloaded the Tim Hortons app had their movements tracked and recorded every few minutes, even when the app was not open. [It] asked for permission [for] geolocation functions, but misled many users into believing that the information would only be accessible when the app was in use.

Tim Hortons has collected “large amounts” of granular location data for the purpose of delivering targeted advertisements…[but]he never actually used the data for this purpose. [It] used location data to infer where users lived, where they worked, and if they travelled. It generated an “event” each time users entered or exited a Tim Hortons competitor, a major sports venue, or their home or workplace.

Tim Hortons’ contract with a third-party U.S. location services provider contained language so ‘vague and permissive’ it allegedly allowed the company to sell… data for its own purposes

Would you like a silver lining with this cloud? Kelly Conaboy sarcastically suggests that—”How Tim Hortons could use its surveillance software for good”:

Please don't be alarmed
If we are to believe the channel, they weren’t using the information for anything. Surely they owe all users an apology. …Why not use this geolocation data to surprise users with a little coffee and maple donut whenever they really need it?

Maybe they spent a late night at the office, which you know because you tracked when they arrived and when they left. Maybe they’re late for work, which you know because you know when they usually leave their house every morning. Maybe they’re going through a breakup – which you can tell because they haven’t been to that other house that they used to visit regularly at some point in a while.

Beep beep. Look who it is. Your friendly Tim Hortons spy — ha-ha! Please don’t worry. He was simply able to say that you might need a maple donut and coffee, based on non-consensual information gathered from your phone. And isn’t that nice?

Meh, who cares? belloch doesn’t:

Tim Hortons is everywhere in Canada and they used be decent. The current owners live off brand recognition and market inertia.

[But] Most people don’t care enough about privacy issues. Tim Hortons real The problem is that they’re increasingly notorious for bad coffee, bad donuts, and bad food, while equally ubiquitous chains, like McDonald’s, now have decent coffee and have added donuts to their menus. … Virtually every truck stop town that has a Tim Horton’s also has a McDonald’s nearby, so it’s really market inertia that’s supporting Tim Horton’s right now.

Ah, the power of branding. Miles_O’Toole the dish a lot more strongly:

There is no doubt that the location data they collected has been monetized to the max, whatever the owners are now claiming. Restaurant Brands International, based in Brazil, the owners, are corporate bastards.

It was feared that when they went on sale much of their support for charities and non-profits would disappear. One of the reasons RBI was successful is that they promised to maintain all of Timmy’s existing charity work. What they failed to mention is that they persuaded enough Tim Horton board members to get rid of most charities as a condition of sale.

I haven’t visited Timmy’s since, and never will again.

Expect. Pause. How much of a problem is that really? david johnson I can not believe it :

I can’t believe everyone is so amazed by this. Doesn’t everything we have on our devices, including the device itself, follow us? I mean every day someone brings Alexa home and they don’t think Amazon and their AI and algorithms aren’t in all of your conversations?

The human race has truly become stupid.

And neither can SeanC__:

I mean, I’ve assumed for years that any app I install collects as much information about me as possible.

Otherwise, why would every company want me to install an app instead of just visiting the website? Otherwise, why would so many companies offer discounts and freebies if you just put this app on your phone?

But are they sale those data ? You better believe it, said blorenz:

I recently attended a car dealership conference where I was pitched for a product that would let me know if my customers were at rival dealerships. I pushed and pushed to figure out if these were legitimate claims or just marketing hype.

They revealed that they purchased location data from app developers. I was shocked and surprised – not sure why I was, as it should have been expected. It really enlightened me on the exploitation and misuse of data by *****y apps.

It’s jokes. Why would anyone install the app? Leviathan brings anecdotes:

I was traveling on the 401 and stopped…for coffee. The queue was extremely long and didn’t move at all, I had time to download the app, register, place an order, see it print at checkout and someone picked up and got my coffee ready before the line even moved. I just left the line, went to the empty section where the mobile controls are, and had the coffee while I deleted the app.

And finally:

The Queen’s Platinum Jubilee: What are we talking about?

Previously in And finally


Have you read SB Blogwatch by Richi Jennings. Richi curates the best blogs, the best forums, and the weirdest websites…so you don’t have to. Hate messages may be directed to @RiCHi Where [email protected]. Ask your doctor before reading. Your mileage may vary. E&OE. 30.

Sauce picture: Samuel Conor (Going through Unsplash; leveled and cropped)

Previous Check Printing Software Market Research and Clinical Advances by 2031 – The Greater Binghamton Business Journal
Next Goa CM launches mobile application to watch over the beaches – ThePrint – ANIFeed