September 9th 17, 06:12 PM, posted to uk.railway,uk.transport.london
Graeme Wall
Tube passengers tracked by phone WiFi

On 09/09/2017 14:22, Anna Noyd-Dryver wrote:
Graeme Wall wrote:
On 09/09/2017 10:37, Someone Somewhere wrote:
On 08/09/2017 17:34, Sam Wilson wrote:
On 2017-09-08 14:40:46 +0000, Martin Coffee said:

On 08/09/17 15:00, Sam Wilson wrote:
On 2017-09-08 13:18:33 +0000, Martin Coffee said:

On 08/09/17 14:03, Recliner wrote:
[snip]
[TfL] said it was talking to the Information Commissioner’s Office about its
plans and passengers could opt out by switching their wifi off. It said
that the phone data was “de-personalised”, with nothing to identify
individuals.

The system works by using 1,070 wifi access points on the Tube network.
They pick up on a code that identifies each phone, the media access control
(MAC) address, and track them from point to point.

Each MAC address was “irreversibly” encrypted, TfL said. Prior to
encryption, a random code is added to each to ensure that the phone cannot
be identified even if the encryption could be reversed. No browsing data
was collected, meaning that emails and the internet habits of passengers
could not be shared with third parties.
[snip]
Let's face it. Even if encrypted, you cannot anonymise a MAC
address as it is unique to each phone.

You can turn it into something that can't be (realistically) turned
back into a MAC address that can be used to identify the
phone/tablet/laptop/whatever.

You don't have to turn the "anonymised" back to a MAC address to
de-anonymise the data. You just encrypt a MAC address and identify
the location data in just the same manner as the tracking occurs.
Thus the location can still be re-associated with the original MAC
address.

Sure, if you know a particular MAC address and the encryption
procedure and access to the location data then you may be able (and I
note Dr B's comments in his response) to recreate the key and
therefore track the MAC address. Most of us (and again I bow to Dr
B) probably can't do that.

Surely the most likely people to want to do this would be criminals
anyway, so criminalising their activities seems slightly pointless.
Deterring casual peepers is probably worth doing.

Surely the problem is if this becomes widespread as eventually you'll
get enough data to identify not just the phone but the individual.

It's fine if it's kept to the tube, but let's take the advertising
angle, presumably the advertisers won't be satisfied with just knowing
what the busiest platform is but would prefer to target their adverts to
one or more groups of people on that platform.

By hooking up a similar system with retailers they work out that of the
group on the platform at 08:30 a significant proportion are e.g.
Waitrose shoppers. And it then goes on and on until you end up pretty
much being able to identify the individual, what they buy, where they
live etc without actually ever using any personally identifiable
information.

I'm not sure of the relevant legislation but presumably the only way to
avoid this is that each entity having such a system has to have a
different algorithm (or at least key) for anonymising the MAC data so
each data set remains siloised (but would the supplier of the system
still be able to join the different datasets?)


Shopping malls have been doing a similar thing to send you "targeted
adverts" as you approach various shops.


'Send you' by what means?


SMS initially.


--
Graeme Wall
This account not read.
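
Added example, not part of the original post and not TfL's code: a sketch of the two points argued in the thread, that whoever holds the key and the procedure can recompute a known MAC's pseudonym and read off its trail, and that giving each operator a different key keeps their datasets from being joined. HMAC-SHA256 stands in for the unspecified "random code plus irreversible encryption" as an assumption, and the MAC addresses, keys and place names are constructed.

```python
import hashlib
import hmac

def normalise_mac(mac: str) -> bytes:
    """Canonicalise a MAC so 'AA-BB-..' and 'aa:bb:..' give the same pseudonym."""
    hexdigits = mac.replace(":", "").replace("-", "").lower()
    if len(hexdigits) != 12:
        raise ValueError(f"not a 48-bit MAC address: {mac!r}")
    return bytes.fromhex(hexdigits)

def pseudonymise(mac: str, key: bytes) -> str:
    """Keyed one-way pseudonym (assumed scheme: HMAC-SHA256, truncated)."""
    return hmac.new(key, normalise_mac(mac), hashlib.sha256).hexdigest()[:16]

def build_log(sightings, key):
    """Turn (mac, place, time) sightings into a log holding pseudonyms only."""
    return [(pseudonymise(mac, key), place, t) for mac, place, t in sightings]

def trail_for(mac, key, log):
    """What a key holder can do: recompute the pseudonym, then filter the log."""
    target = pseudonymise(mac, key)
    return [(place, t) for p, place, t in log if p == target]

def linkable(log_a, log_b):
    """Pseudonyms present in both datasets, i.e. devices that can be joined."""
    return {p for p, _, _ in log_a} & {p for p, _, _ in log_b}

# Constructed sample data: MACs, keys and places are invented for illustration.
PHONE_1, PHONE_2 = "02:00:00:aa:bb:01", "02:00:00:aa:bb:02"
TRANSIT_KEY = b"constructed-transit-operator-key"
RETAIL_KEY = b"constructed-retailer-key"
TRANSIT = [(PHONE_1, "Station A", "08:30"), (PHONE_2, "Station A", "08:31"),
           (PHONE_1, "Station B", "08:47")]
RETAIL = [(PHONE_1, "Shop X", "18:05")]

if __name__ == "__main__":
    transit_log = build_log(TRANSIT, TRANSIT_KEY)
    print("trail with key:   ", trail_for(PHONE_1, TRANSIT_KEY, transit_log))
    print("trail without key:", trail_for(PHONE_1, RETAIL_KEY, transit_log))
    shared = linkable(transit_log, build_log(RETAIL, TRANSIT_KEY))
    siloed = linkable(transit_log, build_log(RETAIL, RETAIL_KEY))
    print("joinable devices, shared key:   ", len(shared))
    print("joinable devices, separate keys:", len(siloed))
```

The siloing only holds while the keys stay separate; a supplier that holds both operators' keys can still recompute and join the pseudonyms.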