How Tim Hortons Could Use Its Surveillance Software for Good

Customers will just need an open mind and a donut craving

TORONTO, ONTARIO, CANADA - 2022/05/23: Business sign of a Tim Horton's cafeteria. The food and drink...
Roberto Machado Noa/LightRocket/Getty Images
hello again tim

“Every breath you take. Every move you make. Every bond you break, every step you take, I'll be watching you. Every single day. Every word you say. Every game you play, every night you stay, I'll be watching you.” — The Tim Hortons App (2022)

According to a new report, it seems the Tim Hortons app believes Tim Hortons should know quite a bit about your exact location at all times. A 2020 article by National Post reporter James McLeod showed the app made note of his location more than 2,700 times in fewer than five months, without notifying him that his geolocation was being tracked even when he wasn’t using the app. This spurred a years-long investigation into the app from federal privacy commissioners in Canada. Their report was released on Wednesday.

A statement from the commissioners says users of the Tim Hortons app had their location tracked every few minutes, even when the app wasn’t open. "Our joint investigation tells yet another troubling story of a company that failed to ensure proper design of an intrusive technology, resulting in a mass invasion of Canadians' privacy," privacy commissioner Daniel Therrien said. "It also highlights the very real risks related to location data and the tracking of individuals."

The app reportedly recorded an “event” every time a user would leave home, work, attend a sports event, or use a competitor. Like all apps, Tim Hortons planned to wield this info for targeted advertising, but that plan never materialized. "The investigation uncovered that Tim Hortons continued to collect location data for a year after shelving plans to use it for targeted advertising, even though it had no legitimate need to do so," the statement said.

As a result of the investigation, Tim Hortons has agreed to implement privacy measures like deleting any remaining location data and establishing a privacy management program. But let’s maybe pump the brakes on that for a second.

Tim Hortons says it was not using the information it gathered for ad targeting; apparently, if we’re to believe the chain, it was not using the information for anything at all. Surely they owe all users an apology (and are in fact currently the subject of four class-action lawsuits). Why not actually use this geolocation data … to surprise users with a small coffee and maple donut whenever it seems like they really need one?

Maybe they’ve spent a late night at the office, which you know because you’ve tracked the moment they arrived and the moment they left. Maybe they’re running late for work, which you know because you know when they typically leave their house every morning. Maybe they’re going through a breakup, which you can tell because they haven’t, in quite some time, been to that other house they were at one point regularly visiting.

Beep-beep. Look who it is. Your friend Tim Hortons spy — ha-ha! Please don’t be alarmed. He was simply able to tell you might need a maple donut and a coffee, based on the information nonconsensually collected from your phone. And isn’t that nice? :)

Thank you, Tim Hortons.