iBeacons (and Bluetooth beacons that don't follow Apple's "i" specification) are intriguing technologies that promise a new level of interaction between people and the (real, physical) world.
Beacon promoters hold them up as a technology to "add context" to mobile applications and make every user's experience better and more personalized.
Detractors point out that Beacons are a potentially intrusive technology that can reveal more about consumers than they would choose to if they fully understood what beacon technologies can do.
Does this sounds like a web browser cookie debate to you? Me too! And in some ways, Beacons and Cookies are similar.
Both can be used to personalize a user experience by matching content with user preferences and interest.
Both can track a user's path through a provider's "content". A browser cookie can enable tracking user access to sites and pages (or not)
A beacon can enable tracking of user physical proximity to specific real-world locations (or not)
Users must "opt-in" to both Cookies and Beacons, and can disable either of them at any time
Yet a choice to disable Beacons (like browser cookies) may reduce functionality and convenience for the user
The last point is a potentially tricky one. What's the social contract between a user of an app or web site and the provider of the property? It's possible to send a physical store visitor who uses our app a welcome push notification when they walk through the door. Should our app actually do that if the user didn't expect the app to do that beforehand? Will the user think that's "creepy"?
Let history be our guide
Whether such laws and practices were needed to prevent real problems with browser cookies is debatable, but the perception they were needed should instruct us on Beacons. Furthermore, there may be existing EU laws that already regulate how Beacons could be implemented--even if specific precedent has yet to be established.
Legal precedent and regulatory frameworks may not yet have caught up with Beacons (especially in the more freewheeling US). It may not (yet) be illegal to use Beacons in a way that end-users might find alarming or a breach of their trust. But let history assure us that privacy limits will closely follow the inevitable wide-scale deployment of Beacons.
Fortunately, we've all been to this rodeo before, and we already know what to do. Using cookies as a precedent, we already know where the limits are, and the "Golden Rule" is probably the right guide to use where legal frameworks and regulation are ambiguous.