Re: Geofencing and privacy from Robin Wilton on 2015-07-02 (public-privacy@w3.org from July to September 2015)

From: Robin Wilton <wilton@isoc.org>
Date: Thu, 2 Jul 2015 14:56:53 +0000
To: Christine Runnegar <runnegar@isoc.org>
CC: "norcie@cdt.org" <norcie@cdt.org>, "chaals@yandex-team.ru" <chaals@yandex-team.ru>, "public-privacy mailing list) (W3C" <public-privacy@w3.org>
Message-ID: <A82F2CD0-4766-43FC-AB9C-2C261441D7DF@isoc.org>
Just a really quick comment (in a rush, I’m afraid), partly so I might remember to comment more later…

Seems to me that effective geo-fencing might also require the addition of metadata to the information itself.
(re Greg’s point about US vs EU… geo-fencing is all very well, but in the Internet environment it may actually be more useful to tag the data with metadata that says “this data originated in jurisdiction X”).

Apologies if this is so terse as to be meaningless!

R

Robin Wilton
Technical Outreach Director - Identity and Privacy
Internet Society

email: wilton@isoc.org
Phone: +44 705 005 2931
Twitter: @futureidentity

On 2 Jul 2015, at 14:42, Christine Runnegar <runnegar@isoc.org> wrote:

> Many thanks Greg and Charles.
> 
> Colleagues,
> 
> The earlier that we can provide our guidance in the development process the better.
> 
> Please take a look at the draft in the next week and share your views on this list. Let’s aim to send some consolidated PING feedback by mid July.
> 
> Ideally, please be specific about what could/should be changed (if anything) and why. Also, please suggest language for the privacy and considerations section.
> 
> Christine (co-chair)
> 
>> On 25 Jun 2015, at 5:13 pm, Greg Norcie <gnorcie@cdt.org> wrote:
>> 
>> Those are some great points.
>> 
>> I think that it would be useful for the standard to focus on notice and choice.
>> 
>> Specifically, it would be great if rather than being presented with latitude and longitude coordinates, any consent dialog was required to display a map showing the area being fenced.
>> 
>> Another way to enhance notice would be to set up "levels" of Geofences.
>> 
>> For example:
>> 
>> 	• Level 1: Down to the meter sensitivity (rooms in a house)
>> 	• Level 2: Building level sensitivity (user is at home)
>> 	• Level 3: Neighborhood level sensitivity (user is in the Mission)
>> 	• Level 4: City level (user is inSan Francisco)
>> 	• Level 5: Metro level: (User is San Francisco Bay Area - SF, Oakland, South Bay, etc)
>> 	• Level 6: State level: User is in California
>> 	• Level 7: User is in the United States of America
>> 
>> (Also, I know this is a pretty North America centric model since in Europe et al what would be a state would be another country, so I'm totally open to suggestions on how to tweak the language)
>> 
>> Levels with higher privacy implications could show more dire warnings and/or require more explicit, opt in consent.
>> 
>> IMHO users need to have continuous feedback about geofences - whenever entering/exiting there should be some sort of feedback about who is monitoring them, the granularity of the geofence, and an opportunity to revoke consent.
>> 
>> 
>> 
>> 
>> On Wed, Jun 24, 2015 at 4:45 AM, <chaals@yandex-team.ru> wrote:
>> 
>> 
>> 24.06.2015, 07:37, "Christine Runnegar" <runnegar@isoc.org>:
>>> Hi all.
>>> 
>>> The First Public Working Draft of Geofencing API has been published by the Geolocation WG:
>>> 
>>> http://www.w3.org/TR/2015/WD-geofencing-20150604/
>>> 
>>> You will see that there is still work to be done on the privacy and security considerations section.
>> 
>> I raised an issue [1] on the precision of circles - what happens if a user's geolocation is expressed as [51,0] - a rough location for "London" and a geofence is set up around 50.234567,-.31415927 - say, some GCHQ coffee point…?
>> 
>> A lot of what happens with geoinformation depends on understanding the resolution - are you allowing the system to discover that you are in a given city, on a given street, or whether you are sitting or standing at the tram stop? (Actually the current spec is pretty daft and can't tell if you're in a given street, only if you're within a certain ellipse defined by wgs84)?
>> 
>> What if someone sets up a private geofence for you, say "around your house". Browsers should probably provide a way to independently verify the area that is begin described... but will people use it? Not that many people can actually read a map - hence the popularity of turn-by-turn navigation.
>> 
>> cheers
>> 
>> Chaals
>> 
>> --
>> Charles McCathie Nevile - web standards - CTO Office, Yandex
>> chaals@yandex-team.ru - - - Find more at http://yandex.com
>> 
>> 
>> 
>> 
>> --
>> /***********************************/
>> Greg Norcie (norcie@cdt.org)
>> Staff Technologist
>> Center for Democracy & Technology
>> 1634 Eye St NW Suite 1100
>> Washington DC 20006
>> (p) 202-637-9800
>> PGP: http://norcie.com/pgp.txt
>> 
>> Fingerprint:
>> 73DF-6710-520F-83FE-03B5
>> 8407-2D0E-ABC3-E1AE-21F1
>> 
>> /***********************************/
>
Received on Thursday, 2 July 2015 14:57:30 UTC