As a matter of policy, the chain decides that it will not use any of that information for marketing or anything else. Fair enough. But what if local law enforcement chooses to subpoena those records so that it can know who frequents happy hours a lot. And if it can tap into real-time data, police could try and catch people in the act. And, maybe some civil attorneys try to subpoena the documents as well, for some automobile accident cases. That's the subject of our column this week on the McAfee security blog.
As a philosopher might say, the only safe way to delete a file is to have never recorded it. As silly as that may sound from a data security perspective, it shouldn't be dismissed. Consider this scenario: A chain notices a PDA app that uses geolocation to match consumers with local happy hours. (For those outside the U.S., it's a time when bars tend to heavily discount alcoholic beverages.) It throws the app onto its mobile site as a service for customers and thinks nothing of it.