On 08/09/17 15:00, Sam Wilson wrote:
On 2017-09-08 13:18:33 +0000, Martin Coffee said:

On 08/09/17 14:03, Recliner wrote:
[snip]
[TfL] said it was talking to the Information Commissioner’s Office
about its
plans and passengers could opt out by switching their wifi off. It said
that the phone data was “de-personalised”, with nothing to identify
individuals.

The system works by using 1,070 wifi access points on the Tube network.
They pick up on a code that identifies each phone, the media access
control
(MAC) address, and track them from point to point.

Each MAC address was “irreversibly” encrypted, TfL said. Prior to
encryption, a random code is added to each to ensure that the phone
cannot
be identified even if the encryption could be reversed. No browsing data
was collected, meaning that emails and the internet habits of passengers
could not be shared with third parties.
[snip]
Let's face it. Even if encrypted, you cannot anonymise a MAC address
as it is unique to each phone.

You can turn it into something that can't be (realistically) turned back
into a MAC address that can be used to identify the
phone/tablet/laptop/whatever.

You don't have to turn the "anonymised" back to a MAC address to
de-anonymise the data. You just encrypt a MAC address and identify the
location data in just the same manner as the tracking occurs. Thus the
location can still be re-associated with the original MAC address.

There has been recent suggestions that it might become a criminal
offence to de-anonymise anonymised personal information. It seems to me
that this legislation is urgently needed.