tag:blogger.com,1999:blog-29173677.post4002486280868309961..comments2023-08-03T10:01:21.218-07:00Comments on Conor's Web Log of Esoterica: Kim vs. Google summary...Conor P. Cahillhttp://www.blogger.com/profile/18408504477586184299noreply@blogger.comBlogger5125tag:blogger.com,1999:blog-29173677.post-44346681881585370362010-06-13T23:21:26.122-07:002010-06-13T23:21:26.122-07:00This debate has become abstract in the extreme and...This debate has become abstract in the extreme and lost sight of some of the basic flaws in Kim's approach.<br /><br />Sweeping up MAC addresses from physical addresses at a point in time isn't worthwhile if the intention to build up a database of indentities connected to devices:<br /><br />1 Some of the MAC addresses at a location at any point may not belong to the residents at that address (friends, cousins, neighbours)<br /><br />2 The picture may be different in a week or a month (new routers, new devices, retired devices, devices that have had a drink in the river)<br /><br />3 Can sweepers distinguish between small flats in a block? ie can they tie down MAC locations to addresses on a 1:1 basis?<br /><br />4 Kim has already been alerted to IPv6<br /><br />5 It's happening anyway with Facebook, 4square etc etc. I don't follow Kim so I don't know if he's fulminated against them.<br /><br />As incitement for governments to kick Google Kim's attempt to keep this debate running makes sense. As a serious contribution to network privacy it doesn't. Everyone has been too polite so far to mention that Kim is an employee of Microsoft, so I'm mentioning it now.John Smithnoreply@blogger.comtag:blogger.com,1999:blog-29173677.post-78481091189732664602010-06-11T15:54:32.245-07:002010-06-11T15:54:32.245-07:00Guys - please read this since you will find a link...Guys - please read <a href="http://www.identityblog.com/?p=1120" rel="nofollow">this</a> since you will find a link to the report where the company hired by Google to analyse their WiFi collection software telling you that you are completely wrong. <br />Google WAS capturing the MACs of ALL DEVICES (not just access points) on peoples' home and business networks, whether they broadcast the SSIDs or not, and whether they were encrypted or not. Please look into this - I would think this would cause you to re-evaluate and repost. That would be very helpful because I think, as the matter is better understood, more and more people will need to re-evaluate.<br /><br />As for the God-father bit, I fear David Goodman was making a comparison with Marlon Brando.Kim Cameronhttp://www.identityblog.comnoreply@blogger.comtag:blogger.com,1999:blog-29173677.post-78556434668111127362010-06-09T04:30:36.709-07:002010-06-09T04:30:36.709-07:00Axel,
There's an assumption in your statemen...Axel, <br /><br />There's an assumption in your statement that all by itself a MAC address is PII. I disagree. It isn't PII until you associate it with a user or with something a user does. Google was doing neither of these and thus, IMO, the MAC address isn't PII.Conor P. Cahillhttps://www.blogger.com/profile/18408504477586184299noreply@blogger.comtag:blogger.com,1999:blog-29173677.post-14951562088627953062010-06-09T01:19:44.954-07:002010-06-09T01:19:44.954-07:00Regarding:
"In summary, I do agree that MAC a...Regarding:<br />"In summary, I do agree that MAC addresses could be abused if associated with an end-user and used for some nefarious purpose. However, I don't believe that Google was doing either of these."<br /><br />I believe that history taught us (Germans) that collecting PII (for whatever good reason) can be horribly abused (by later governments). Don't do it.Anonymoushttps://www.blogger.com/profile/01265275474642785203noreply@blogger.comtag:blogger.com,1999:blog-29173677.post-41252409889612292782010-06-07T15:49:04.024-07:002010-06-07T15:49:04.024-07:00Hi Conor - well, Kim's the Father of Identity ...Hi Conor - well, Kim's the Father of Identity (it says on the eema conference agenda, at any rate), not the Father of Privacy. Not yet, at least... ;^)<br /><br />So, as I have been known to express a view on privacy issues now and then, I did try to tease out what lessons me could draw from this episode, and blog about them here:<br /><br />http://futureidentity.blogspot.com/2010/05/privacy-and-ssids-in-more-than-140.html<br /><br />As far as location-based services are concerned, my view is this: if you offer some location-based service, why don't you use your own online presence to help people find you? Why is it better to 'parasite' off the broadcast SSID of someone else, who - let's face it - in all likelihood does not broadcast their SSID for the purpose of making your service easier to locate...<br /><br />At heart, though, the main lesson is one which you also allude to: effective regulation in this area has to be more sophisticated than current laws, and to cover privacy-invasive outcomes rather than try to specify what third parties may or may not do with every piece of data they may come across.Robin Wiltonhttp://futureidentity.blogspot.comnoreply@blogger.com