W3C home > Mailing lists > Public > public-privacy@w3.org > April to June 2011

Re: Pandora sends user GPS, sex, birthdate, other data to ad servers

From: Pat Walshe <PWalshe@gsm.org>
Date: Fri, 8 Apr 2011 15:15:18 +0100
To: Robin Berjon <robin@robineko.com>, Jules Polonetsky <julespol@futureofprivacy.org>
CC: Karl Dubost <karld@opera.com>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Message-ID: <C9C4CF73.519E8%pwalshe@gsm.org>
Before I chip in, any views expressed by me are mine and not those of my
employer.

Like Jules, I am surprised that the well publicised app privacy issues
remain a surprise.  The issue of surreptitious access to device and user
data by apps first emerged in the summer of 2009 by an iPhone app
developer who set up i-phone-home.blogspot.com out of his concern over app
permissions.  The site is no longer active but a screen shot is attached
from 2009.

 'App privacy' has received and continues to receive global coverage so I
fail to see how key ecosystem players are not aware of them? It's not
privacy pros keeping it to themselves.  Even the information commissioner
in the UK issued a public warning that "users should not have their
personal information collected unless they are aware of it"
www.techeye.net/security/ico-issueswarning-over-iphone-apps   The recent
FTC report on consumer privacy mentioned smartphones over 37 times and
expressly raised concerns and proposals over app privacy and app oba - key
ecosystem players have responded to this report so again, I cant
understand how this is not on key radars.

Also, I spoke about these issues at the the W3C workshop held last July in
London.

It is a fact that users of smartphones sit a complex global web of
relationships with app providers, app stores, browser vendors, advertisers
and others. The only thing that appears consistent in this fragmented
ecosystem is the lack of consistency in approaches to privacy - this does
not seem to aid the development of ways in which users might be given
clear, simple, context aware and device appropriate ways in which to be
aware of the privacy implications of apps and to exercise choice and
control in respect of access to and the use of their information.  Here's
a good example from 2009 of how privacy matters to consumers:
http://news.idg.no/cw/art.cfm?id=99AAA891-1A64-67EA-E4B0225F34268201

It seems clear to me that industry needs to come together on this or risk
other stakeholders deciding what industry should do.

just some thoughts.










On 08/04/2011 10:39, "Robin Berjon" <robin@robineko.com> wrote:

>On Apr 8, 2011, at 01:06 , Jules Polonetsky wrote:
>> Pandora seems to be acting just like hundreds of other apps. An entire
>>mobile ad network ecosystem is already built around such
>>data...replicating the traditional  ad network and data exchange system
>>on the web. 
>> And although udids are used instead of cookies for tracking when third
>>party cookies aren't available in the mobile environment (safari and
>>apps) plenty of web sites or web advertisers pass their account IDs to
>>web ad nets for reporting and analysis.
>> Not justifying, just always surprised when the existence of an entire
>>well publicized industry sector is news!
>
>Because it's only well-publicised to privacy advocates. No one else
>knows. I've been describing this in every outreach or customer meeting
>I've had over the past year or so, and people are at best surprised  in
>general they tend to not really believe it. I think that's part of the
>problem.
>
>--
>Robin Berjon
>  robineko  hired gun, higher standards
>  http://robineko.com/
>
>
>



This email and its attachments are intended for the above named only and may be confidential. If they have come to you in error you must take no action based on them, nor must you copy or show them to anyone; please reply to this email or call +44 207 356 0600 and highlight the error.




default.jpg
(image/jpeg attachment: default.jpg)

Received on Friday, 8 April 2011 14:33:16 UTC

This archive was generated by hypermail 2.3.1 : Tuesday, 6 January 2015 20:23:52 UTC