YABB: Yet Another Big Brother (Identity.next, The Hague, 8 dec 2010)
•
0 j'aime•9,108 vues
Presentation at the Identity.next conference in The Hague http://identitynext.nl/ The presentation explains the role of location providers such as Google and Skyhook Wireless, the Google Wifi debacle and the privacy issues when MAC addresses are being exposed (both of wifi hotspots and of client devices).
Recommandé
Recommandé
Contenu connexe
Tendances
Tendances (6)
Similaire à YABB: Yet Another Big Brother (Identity.next, The Hague, 8 dec 2010)
Similaire à YABB: Yet Another Big Brother (Identity.next, The Hague, 8 dec 2010) (20)
Plus de Pascal Van Hecke
Dernier
Dernier (20)
YABB: Yet Another Big Brother (Identity.next, The Hague, 8 dec 2010)
- 1. Yet another Big Brother (the infrastructure behind location-based services) 1
- 2. Whoami 2
- 4. 4
- 5. 5
- 6. 6
- 7. 7
- 8. 8
- 9. 9 How does it work? GPS Antennas Wifi
- 10. 10 Skyhook
- 17. Google 17
- 18. 18
- 19. 19
- 20. 20
- 21. 21
- 23. Is your wifi hotspot personal data? 23
- 24. Who monitors the location provider? 24
- 25. Is the client MAC address personal data 25
- 27. Privacy <> security 27
- 28. Not encrypted <> Public 28
- 29. Personal Data <>Personally Identifiable Data 29
- 30. Data can be (and will become increasingly) a liability 30
- 31. Resources http://epic.org/privacy/streetview/ http://googlepolicyeurope.blogspot.com/2010/04/data-collected-by-google-cars.html http://googleblog.blogspot.com/2010/05/wifi-data-collection-update.html http://edri.org http://www.skyhookwireless.com/ 31
- 32. About http://vanhecke.info Twitter: @pascalvanhecke @vanheckeinfo 32
Notes de l'éditeur
- YABB is not a Web 2.0 name
- Who are you?GovernementIdentitypeople?Privacy people?
- Story that has been making headlines this year – spectacular in privacy world
- It’s old already!Used to be services by Operators!
- Now: 3d parties not linked to the operatorExample: Navigation information, maps…
- But also: extra parameter for context
- USG
- Pics (implicit)
- GPS-signal : no privacy impactHow do you translate antennas and wifi to a location?
- Have a great website withexplanation
- Capture MAC addressesAlso from your hotspot at homeBydrivingaround
- Telcos their first customers
- That’s how they improvetheir database
- Client: also laptops with “normal browser”(Google Location service is default location provider in Firefox and Chrome)
- A worldwide sensor network (eg in cities, inside, at higher floors...)
- Important: this happens for every application, as soon as you get out…No wonder Skyhook can build impressive visulisations and derivative products (crowd management)On the other hand: massive surveillance tool on top of dataretention, and in the hands of US government – beware if you’re a blond australian.
- Bigger than Skyhook, so more under scrutiny
- StreetviewAuditby German DPA had stored content of communication as well
- StrozFriedbergto their advantage: channel switching every 0,2 seconds email addresses, passwords... also: MAC-adresses clients!: industrial-scale tracking system
- PR and possiblylegal disaster for GoogleStoppeddrivingcarsNotsurewhethertheywill stop to self-update
- QuestionsDPA’swill have toanswer…
- And if it is personal data, how then?Think of divorced womanThink of Malware: wifi – routerConsent by owner?Compare to Google Streetview pics (visible versus invisible wavelength, German opt-out)
- Detailed information on your lifestyleCombination of your IP address + Mac Address + locationRegulation, just like with search enginesGranularity of consent ( I cannot differentiate between location providers)
- Beacon ~ identityThink of social engineering…Mac addresses were never supposed to be exposed…Malware
- For this corporate identity management audience
- Mindsetsecuritypeople <> privacy people
- (think of phonecalls in public)
- Similar to IP addressesTokens, pseudonymsThingsthatcanbecomepersonal dataGrey zone…(that’swhy privacy people are lawyers and nottechnical)
- At the moment: reputation. Will become financial penaltiesGoogle guy: the more data, the better