Re: MAC addresses and privacy... from Rigo Wenning on 2010-10-12 (public-privacy@w3.org from October to December 2010)

From: Rigo Wenning <rigo@w3.org>
Date: Tue, 12 Oct 2010 10:15:32 +0200
To: erin@elchemy.org
Cc: Mark Lizar <info@smartspecies.com>, public-privacy@w3.org
Message-Id: <201010121015.33622.rigo@w3.org>

Erin, 

the social expectation is key here. And for DNA, the legal system has much 
better understood the ramifications. Finding the DNA of a person at a place of 
crime is not evidence. It is only an indication of evidence as someone may 
have spread your hair there to misdirect investigators. 

One can spoof mac-addresses. So in addition to the expectation of privacy, the 
service's expectation of uniqueness and reliability is also ill advised. So 
the music industry may be chasing the wrong person. (if they care who they are 
chasing anyway). The Mac-Address has a certain function in the network. If 
someone starts to widen the function, we should also ask ourselves whether 
this is fit for purpose. I don't think so, but we are going towards a culture 
where any kind of trial/alpha software is first tested in real life on real 
persons with real consequences. 

And this returns to the question that Jacques raised, that you raised, that 
Hal raised at the workshop[1]: The question about liability for such behavior. 
But to do so, we have to determine expectations to determine the mismatch. And 
this is only the start of the legal issues here as in Privacy matters it is 
extremely hard to prove damages. But there are ideas floating of having a flat 
rate for privacy violations. 

Best, 

Rigo
1.http://www.w3.org/2010/policy-ws/

On Tuesday, October 12, 2010 00:18:36 Erin Kenneally wrote:
> perhaps it's helpful to analogize to expectations associated with dna:
> there was little concern about dna expectation of privacy when our best
> methods to identify people were based on a/b/o blood group typing ...
> that changed as pcr or rflp technology enabled that same blood spatter
> evidence to distinguish individuals to the exclusion of others by
> anchoring off of the dna in blood.
> 
> given that diatribe, that's not to say that our laws don't have some
> evolving to do w/ respect to interpreting privacy harms, but people
> don't take notice until they suffer tangible harm.

Received on Tuesday, 12 October 2010 08:16:10 UTC