Rubbish bins tracking pedestrians as they walk along the street sound like something out of a sci-fi movie. But a few weeks ago it emerged that recycling and rubbish bins installed along London's Cheapside Street were monitoring pedestrians through millions of smartphones.
However, the City of London ordered Renew to stop collecting data following a public outcry about the invasion of privacy.
"Irrespective of what's technically possible, anything that happens like this on the streets needs to be done carefully, with the backing of an informed public," the City's spokesman said.
In the same week stories emerged about Google reading personal emails and potential for its new glasses to track what people look at and when. This all raises the question: whatever happened to our privacy?
The technology used by Renew's bins is nothing new. In fact, similar technology is already installed and tracking shoppers around Australia.
The bins were registering the unique media access control (MAC) number of smartphones as they passed by a sensor.
Another technology exists in the market that records a mobile's temporary mobile subscriber identifier number. Once located, computer programs track phones as they move between sensors. However, neither method collects data about the phone's owner.
Australia's Westfield already uses this technology to track smartphones at three shopping centres. "Westfield is capable of using the MAC identifier system in its centres but cannot collect any data other than to know smartphones are moving within," a company spokeswoman said.
Westfield offers free internet access in three centres across Sydney, Brisbane and Melbourne. Visitors can opt in to the service but Westfield can also monitor the movements of smartphones without the owners logging in to its wi-fi network.
Spokesmen for other shopping centre owners said they did not use MAC or wi-fi tracking. However, QIC does use thermal tracking and cameras to monitor customer numbers, a spokeswoman confirmed.
Surprisingly, smartphone tracking is not covered by the National Privacy Principles because it does not identify individuals, according to Privacy Commissioner Timothy Pilgrim. "If they are not collecting the identity [of] who owns the phone, then under the Privacy Act they are not collecting personal information. As soon as they can identify an individual, then all that information becomes personal information and subject to the protection of the Privacy Act."
Pilgrim said significant changes were recently made to Australia's 25-year-old privacy laws, including 13 new privacy principles that will come into effect in March 2014.
"Many of the reforms that have gone in place will assist in making sure the Privacy Act remains relevant, particularly in an environment where we are seeing rapid changes in technology," he said.
Rules about direct marketing have been included for the first time, giving consumers the right to know from where an unfamiliar marketer got their information.
Privacy has become a balancing act in an era when companies provide better services in exchange for some personal information, and individuals are willing to publish so much private information on social media sites.
But the Privacy Act still limits what companies can do with personal information, even if consumers hand it over voluntarily.
"It does not necessarily give an organisation the right to then go off and do a whole lot of unexpected things with that information," Pilgrim said. "The Privacy Act limits what they can do to activities that would be in the expectation of the person as part of that transaction."
In recent weeks, Google has been blasted for its attitude towards privacy after its lawyers submitted a court document stating people should have "no legitimate expectation of privacy".
However, that quote was taken out of context - it was actually from a 1979 judgment. But Google's lawyers did argue that "all users of email must necessarily expect that their emails will be subject to automated processing".
Google's terms of service clearly state that its products, including Gmail, "are supported by advertising revenue".
In exchange for a free email service, it scans messages for key words supplied by advertisers. If an email contains key words suggesting a user is planning a holiday, they are likely to get targeted advertising about their holiday destination, hotels and flights.
Similarly, Google collects data about the search terms people enter into its famous search engine. However, unless a person has signed into an account, it cannot tie search terms to them - it can just guess at what that person wants.
Just like the smartphone tracking, a lot of online data collection skirts around privacy laws by knowing what you are, but not who you are.
This week Google was caught lodging a patent for a "head-mounted device" that tracks what wearers are looking at and relays that information to a server that uses algorithms to identify images.
"Prospective product announcements should not necessarily be inferred from our patents," a company spokesman said in a bid to temper speculation about how it might make money from Google Glass wearers.
Loyalty programs still have access to the most information about individuals and are allowed to manipulate data any way they like for hyper-targeted and personalised marketing because they have every members' permission.
For the general population, keeping control of personal information is still possible and will become easier under the new privacy rules.
But there is no doubt there is an enormous amount of anonymous data collection going on, and that is what feels so creepy.