W3C home > Mailing lists > Public > public-privacy@w3.org > October to December 2015

Tracking with ultrasound beacons. Web Audio API privacy considerations need updating?

From: Lukasz Olejnik (W3C) <lukasz.w3c@gmail.com>
Date: Thu, 12 Nov 2015 21:18:06 +0000
Message-ID: <CAC1M5qqt21Ddw0U8EmbiKYNE42DByjN-pjqERYiOSQsBGdBPDQ@mail.gmail.com>
To: "public-privacy (W3C mailing list)" <public-privacy@w3.org>, public-audio@w3.org
Dear all,

I would like to raise the current issue of tracking using ultrasound audio

SilverPush PRISM [1] is a program/method enabling cross-device tracking. In
short, it is the association of users of desktops/laptops with devices such
as smartphones.  The intention is to enhance tracking and profiling, so
users can experience more rich Web content, of course.

It supposedly uses ultrasound beacons via speakers, emitted by scripts on
websites. These can then be detected by smartphone apps.

It is, however, bringing some transparency issues. Users are unaware of
this, can't provide consent, and can't configure their browsers according
to their expectations.

The current privacy considerations of Web Audio API [4] are not addressing
these concerns. Possibly we should ask for an update?

We might consider investigating, and deciding -  if possible -  should Web
- be subject of permissions
- limit the output to filter out infra/ultrasound, if possible (?)
- have an additional note

Thanks and regards

Ps. This is addressed to PING and  Audio Working Group.
Pps. As a side note - [3] - TV advertisements can emit ultrasound beacons
as well.

[1] http://www.silverpush.co/?_escaped_fragment_=/prism#!/prism
[3] http://thetechportal.in/2015/09/23/silverpush-funding/
[4] http://www.w3.org/TR/webaudio/#PrivacyConsiderations
Received on Thursday, 12 November 2015 21:18:37 UTC

This archive was generated by hypermail 2.4.0 : Friday, 17 January 2020 16:49:31 UTC