W3C home > Mailing lists > Public > public-privacy@w3.org > October to December 2011

Re: Opt-out for wifi network of the Google Location Server

From: Nicholas Doty <npdoty@w3.org>
Date: Sat, 26 Nov 2011 13:24:45 -0800
Cc: Karl Dubost <karld@opera.com>, "public-privacy (W3C mailing list)" <public-privacy@w3.org>
Message-Id: <DBA5EA10-20B2-4EBC-A204-0D6B0783AD36@w3.org>
To: Bjoern Hoehrmann <derhoermi@gmx.net>
On Nov 26, 2011, at 12:27 PM, Bjoern Hoehrmann wrote:
> Well, it seems to me that if network operators should be able to "opt-
> out" of having their networks participate in third party geolocation
> schemes, then Google means that all "clients" need to be updated so the
> information about the "_nomap" networks never reach Google servers.

I think that's not quite right. In fact, your Android device will still send home the _nomap SSID and its MAC address to Google, specifically so that Google can remove the MAC from its geolocation database (where it's almost certainly already collected). This will make it harder to test, and require us to trust that these geolocation providers will remove any previously collected data, but enables retroactive opting out, which is essential here. It will be difficult for an owner of an access point to confirm that her access point has been removed from any single geolocation database.

To represent current practice, I think you may wish to add an exception to draft-hoehrmann-nomap to allow the communication of the SSID to signal removal of information about the network from collected databases.

óNick
Received on Saturday, 26 November 2011 21:24:52 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Saturday, 26 November 2011 21:24:52 GMT