Jacques Bus recently shared a communication he has circulated about the mobile technology issues I've been exploring. To European readers he will need no introduction: as Head of Unit for the European Commission's Information and Communication Technologies (ICT) Research Programme he oversaw and gave consistency to the programs shaping Europe's ICT research investment. Thoroughly expert and equally committed to results, Jacques’ influence on ICT policy thinking is clearly visible in Europe. Jacques is now an independent consultant on ICT issues.
On June 20, Kim Cameron [KC] posted a piece on this blog titled: Harvesting phone and laptop fingerprints for its database – Google says the user’s device sends a request to its location server with a list of all MAC addresses currently visible to it. Does that include yours?
It was the start of a series of communications that reads like a thriller. Unfortunately the victim is not imaginary, but it is me and you.
He started with an example of someone attending a conference while subscribed to a geo-location service. “I [KC] argued that the subscriber’s cell phone would pick up all the MAC addresses (which serve as digital fingerprints) of nearby phones and laptops and send them in to the centralized database service, which would look them up and potentially use the harvested addresses to further increase its knowledge of people’s behavior – for example, generating a list of those attending the conference.”
He then explained how Google says its location database works, showing that “certainly the MAC addresses of all nearby phones and laptops are sent in to the geo-location server – not simply the MAC addresses of wireless access points that are broadcasting SSIDs.”
His first post was followed by others, including reference to an excellent piece of Niraj Chokshi in The Atlantic and demonstrating that Google's messages in its application descriptions are, to say the least, not in line with their PR messages to Chokshi.
On 2 July a discussion of Apple iTunes follows in KC's post: Update to iTunes comes with privacy fibs with as main message: As the personal phone evolves it will become increasingly obvious that groups within some of our best tech companies have built businesses based on consciously crafted privacy fibs.
We also collect non-personal information – data in a form that does not permit direct association with any specific individual. We may collect, use, transfer, and disclose non-personal information for any purpose. The following are some examples of non-personal information that we collect and how we may use it:
- We may collect information such as occupation, language, zip code, area code, unique device identifier, location, and the time zone where an Apple product is used so that we can better understand customer behavior and improve our products, services, and advertising.
I think KC rightly asks the question: What does downloading a song have to do with giving away your location???
Clearly Apple would call its unique device identifier – and its location – ”non-personal data”. However, personal data means in Europe any information relating to an identified or identifiable natural person. Even Google CEO Eric Schmidt would under this EU definition supposedly disagree with Apple, given his statement in a recent speech quoted by KC: Google is making the Android phone, we have the Kindle, of course, and we have the iPad. Each of these form factors with the tablet represent in many ways your future….: they’re personal. They’re personal in a really fundamental way. They know who you are. So imagine that the next version of a news reader will not only know who you are, but it’ll know what you’ve read…and it’ll be more interactive. And it’ll have more video. And it’ll be more real-time. Because of this principle of “now.”.
We could go on with the post of 3 July: The current abuse of personal device identifiers by Google and Apple is at least as significant as the problems I discussed long ago with Passport. He is referring to a story by Todd Bishop at TechFlash – here I refer readers to the original thriller rather than trying to summarize it for them.
What is absolutely clear from the above is how dependent we all are on mobile technology. It is also clear that to enjoy the personal and location services we request one needs to combine data on the person and his location. However, I am convinced that in the complex society we live in, we will eventually only accept services and infrastructure if we can trust them to work as we expect, including the handling of our personal data. But trust can only be given if the services and infrastructure is trustworthy. O'Hara and Hall describe trust on the Web very well, based on fundamental principles. They decompose trust in local trust (personal experience through high-bandwidth interactions) and global trust (outsourcing our trust decisions to trusted institutions, like accepted roles through training, witnessing, or certification). Reputation is usually a mix of this.
For trust to be built up the transparency and accountability of the data collectors and processors is essential. As local trust is particularly difficult in global transactions over the Web, we need stronger global trust through a-priori assurances on compliance with legal obligations on privacy protection, transparency, auditing, and effective law enforcement and redress. These are basic principles on which our free and developed societies are built, and which are necessary to guarantee creativity, social stability, economic activity and growth.
One can conclude from KCs posts that not much of these essential elements are represented in the current mobile world.
I agree that the legal solutions he proposes are small steps in the right direction and should be pursued. However, essential action at the level of the legislators is urgently needed. Data Protection authorities in Europe are well aware of that as is demonstrated in The Future of Privacy. Unfortunately these solutions are slow to implement, whilst commercial developments are very fast.
Technology solutions, like developing WiFi protocols that appropriately randomize MAC addresses and also protect other personal data, are also needed urgently to enable develop trustworthy solutions that are competitive and methods should be sought to standardize such results quickly.
However, the gigantic global centralization of data collection and the possibilities of massive correlation is scaring and may make DP Commissioners, even in group in Europe, look helpless. The data is already out there and usable.
What I wonder: is all this data available for law enforcers under warrant and accepted as legal proof in court? And if not, how can it be possible that private companies can collect it? Don't we need some large legal test cases?
And let’s not forget one thing: any government action must be as global as possible given the broad international presence of the most important companies in this field, hence the proposed standards of the joint international DP authorities in their Madrid Declaration.
Smart questions and conclusions.