{"id":1102,"date":"2010-05-29T03:42:51","date_gmt":"2010-05-29T11:42:51","guid":{"rendered":"\/?p=1102"},"modified":"2010-06-19T23:26:29","modified_gmt":"2010-06-20T07:26:29","slug":"misuse-of-network-identifiers-was-done-on-purpose","status":"publish","type":"post","link":"https:\/\/www.identityblog.com\/?p=1102","title":{"rendered":"Misuse of network identifiers was done on purpose"},"content":{"rendered":"

Ben Adida<\/a> has a list of achievements<\/a> as long as my arm – many of which are related to privacy and security.\u00a0 His latest post <\/a>concerns what he calls, “privacy advocacy<\/em> theater… a problem that my friends and colleagues are guilty of, and I\u2019m sure I\u2019m guilty of it at times, too.\u00a0 Privacy Advocacy Theater is the act of extreme criticism for an accidental data breach rather than a systemic privacy design flaw. Example: if you\u2019re up in arms over the Google Street View privacy \u201cfiasco\u201d of the last few days, you\u2019re guilty of Privacy Advocacy Theater.”<\/p>\n

Ben then proceeds take me to task for this piece<\/a>:<\/p>\n

I also have to be harsh with people I respect deeply, like Kim Cameron<\/a> who says that Google broke two of his very nicely crafted Laws of Identity. Come on, Kim, this was accidental data collection by code that the Google Street View folks didn\u2019t even realize was running. (I\u2019m giving them the benefit of the doubt. If they are lying, that\u2019s a different problem, but no one\u2019s claiming they\u2019re lying, as far as I know.) The Laws of Identity apply predominantly to the systems that individuals choose to use to manage their data. If anyone is breaking the Laws of Identity, it\u2019s the WiFi access points that don\u2019t actively nudge users towards encrypting their WiFi network.<\/p>\n

But let's hold on a minute.\u00a0 My argument wasn't about the payload data that was collected accidently.\u00a0 It was about the\u00a0device identification data that was collected on purpose.\u00a0\u00a0As Google's\u00a0Alan Eustace put it:\u00a0<\/p>\n

We said that while Google did collect publicly broadcast SSID information (the WiFi network name) and MAC addresses <\/a>(the unique number given to a device like a WiFi router) using Street View cars, we did not collect payload data (information sent over the network). But it\u2019s now clear that we have been mistakenly collecting samples of payload data…<\/p>\n

Device identifiers were\u00a0collected on purpose<\/strong><\/p>\n

SSID and MAC addresses are\u00a0the identifiers of your devices.\u00a0 They are transmitted as part of the\u00a0WiFi traffic just like the payload data is.<\/em>\u00a0 And they are not “publically broadcast” any more than the payload data is.\u00a0<\/p>\n

Yet\u00a0Google consciously decided to\u00a0abscond with, tabulate and monetize the identities of our personal, business\u00a0and home devices<\/em>.\u00a0 The identifiers are persistent and last for the lifetime of the devices.\u00a0 Their collection, cataloging and use is, in my view, more dangerous than the\u00a0payload data that was collected.\u00a0Why? The payload data, though\u00a0deeply personal, is transient and represents a single instant.\u00a0 The identifiers are persistent, and\u00a0the Street View\u00a0WiFi plan\u00a0was to use them for years.\u00a0\u00a0<\/p>\n

Let's be clear:\u00a0 Identity\u00a0has as much to do with\u00a0devices, software, services and organizations as with individuals.\u00a0 And equally important, identity is about the relationships between these things.\u00a0 In fact identity\u00a0can only be adequately expressed\u00a0through the relationships (some call it context).<\/p>\n

When Google says, “MAC addresses are a simple hardware ID assigned by the manufacturer” and “We cannot identify an individual” using those “simple hardware IDs”,\u00a0 it sounds like the devices\u00a0found in your home and briefcase and pocket have nothing to do with you as a flesh and blood person.\u00a0 Give me a break!\u00a0 It reminds me of an old skit by “Beyond the Fringe” where a\u00a0police inspector\u00a0points out\u00a0that “Once you have\u00a0identified the criminal's face, the criminal's body is likely to be close by…”\u00a0 Our identities and the identities of our devices are related, and understanding this relationship is essential to getting identity and privacy right.<\/p>\n

One great thing about blogging is you find out when you haven't been clear enough.\u00a0 I hope I'm making progress in expressing the real issues here:\u00a0 the collection of device identifiers was<\/em> purposeful, and\u00a0this represents\u00a0precisely\u00a0the kind of\u00a0“systemic privacy design flaw” to which Ben refers.\u00a0\u00a0<\/p>\n

It bothers me that this disturbing systemic privacy design\u00a0flaw – for which there has been no apology<\/strong> – is being obscured\u00a0through the widely publicized apology for a completely separate and\u00a0apparently accidental sin.\u00a0\u00a0 <\/em><\/p>\n

In contemporary networks, the hardware ID of the device is NOT intended to be a “universal identifier”.\u00a0 It is intended to be a “unidirectional identifier” (see The Fourth Law<\/a>) employed purely to map between a physical machine and a transient, local\u00a0logical address.\u00a0\u00a0Many people who\u00a0read this blog understand why networking works this way.\u00a0 In Street View WiFi, Google was consciously misusing this unidirectional identifier as a universal identifier, and misappropriating it by insinuating itself, as eavesdropper, into\u00a0our network conversations.<\/p>\n

Ben says, “The Laws of Identity apply predominantly to the systems that individuals choose to use to manage their data.”\u00a0 But I hope he rethinks this in the context of what identity really is, its use in devices and systems, and the fact that human, device and service identities are tied together in what one day should be a trustworthy system.\u00a0\u00a0I also\u00a0hope to see\u00a0Google apologize for its misuse of our device identities, and assure us they will not be used in any of their systems.<\/p>\n

Finally, despite Ben's need to rethink this matter,\u00a0 I\u00a0do love\u00a0his blog, and\u00a0strongly agree with\u00a0his comments on\u00a0 Opera Mini<\/a>, discussed in the same piece.<\/p>\n

\u00a0<\/p>\n","protected":false},"excerpt":{"rendered":"

Google's apology for accidentally collecting network traffic is beside the point. Their misappropriation of our personal, home and business network identitifiers was done on purpose.<\/p>\n","protected":false},"author":68,"featured_media":0,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[6,17,71,3,47,11,77],"tags":[],"_links":{"self":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1102"}],"collection":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/users\/68"}],"replies":[{"embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1102"}],"version-history":[{"count":0,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=\/wp\/v2\/posts\/1102\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1102"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1102"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.identityblog.com\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1102"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}