Tracking with ultrasound beacons. Web Audio API privacy considerations need updating?

Dear all,

I would like to raise the current issue of tracking using ultrasound audio

SilverPush PRISM [1] is a program/method enabling cross-device tracking. In
short, it is the association of users of desktops/laptops with devices such
as smartphones.  The intention is to enhance tracking and profiling, so
users can experience more rich Web content, of course.

It supposedly uses ultrasound beacons via speakers, emitted by scripts on
websites. These can then be detected by smartphone apps.

It is, however, bringing some transparency issues. Users are unaware of
this, can't provide consent, and can't configure their browsers according
to their expectations.

The current privacy considerations of Web Audio API [4] are not addressing
these concerns. Possibly we should ask for an update?

We might consider investigating, and deciding -  if possible -  should Web
- be subject of permissions
- limit the output to filter out infra/ultrasound, if possible (?)
- have an additional note

Thanks and regards

Ps. This is addressed to PING and  Audio Working Group.
Pps. As a side note - [3] - TV advertisements can emit ultrasound beacons
as well.


Received on Thursday, 12 November 2015 21:18:35 UTC