Results tagged “privacy” from Interalia
"One who does not wish to disclose his movements to the government need not use a cellular telephone."
-- DOJ under G.W. Bush
Recently, the question of using location derived from cellular networks for the purposes of law enforcement has come up in the courts. The DOJ under President Obama has appealed to a Philadelphia court an earlier decision that access to location requires a search warrant based on probable cause. In particular, the brief put up by the Obama DOJ states that as part of using a cell phone, the user assumes the risk that location will be accessible by the government.
The argument the government is making is essentially this: it is reasonable to believe that the user of cellular services understands that the service provider must have some knowledge of the whereabouts of the user in order to provide the service, and thus by participating in this service, they are in effect providing information about their whereabouts to the service provider, and in turn to the government.
OK, there are a number of obvious concerns I have with this line of argument. Here is my shortlist:
- It's not at all clear why sharing location information with my service provider would imply a willingness to share it with the government.
- In order to provide cellular service, the service provider also has access to a variety of other information, including who the user communicates with, and the information communicated. They certainly need to know the former, and for practical purposes have access to the latter. Does this then imply that there is no reasonable expectation of privacy regarding this information?
In short, I believe that instead of continuing to fight for these draconian measures initiated by the Bush administration, the Obama administration would be well served to move in favor of the Fourth Amendment here and drop this appeal. It would not be a stretch to consider this issue in the context of Obama's promise while running for office to eliminate warrantless wiretaps.
A few weeks ago, Apple unveiled plans for its upcoming release of the iPhone operating system. As part of these announcements there were some positive steps relating to location privacy. In particular, see this review in the NY Times.
Scott Forstall, Apple Sr. VP of iPhone Software, referred to "fine-grained settings" such as managing the list of applications with access to location and end-user notification settings.
This is an important step forward from the current smartphone and mobile web model where each application (or mobile web site) is siloed with its own permission settings.
[cross-post from Veriplace Blog]
I ran across an interesting study the other day out of the U.C. Berkeley School of Information. The study considered the privacy provisions laid out in the W3C Geolocation API, and recommendations for its improvement. The Geolocation API is a part of the HTML5 specification, and as such will play an important role in location-based mobile web applications as mobile devices continue the rapid adoption of HTML5.
While the conclusions of the study were certainly excellent, I found most interesting the list of privacy-related criteria that were derived after considering a range of existing frameworks and standards. These are reprinted here:
- Appropriateness: Is the collection of location information appropriate given the context of the service or application?
- Minimization: Is the minimum necessary granularity of location information distributed or collected?
- User Control: How much ongoing control does the user have over location information? Is the user a passive receiver of notices or an active transmitter of policies? Are there defaults? Do they privilege privacy or information flow?
- Notice: Can requesters transmit information about their identity and practices? What information is required to be provided to the user by the requesting entity? What rules can individuals establish, attach to their location information, and transmit? Is there a standard language for such rules?
- Consent: Is the user in control of decisions to disclose location information? Is control provided on a per use, per recipient or some other basis? Is it operationalized as an opt-in, opt-out or opt model?
- Secondary Use: Is user consent required for secondary use (a use beyond the one for which the information was supplied by the user)? Do mechanisms facilitate setting of limits or asking permission for secondary uses?
- Distribution: Is distribution of location information limited to the entity with whom the individual believes they are interacting or is information re-transmitted to others?
- Retention: Are timestamps for limiting retention attached to location information? How can policy statements about retention be made?
- Transparency and Feedback: Are flows of information transparent to the individual? Does the specification facilitate individual access and related rights? Are there mechanisms to log location information requests and is it easy for individuals to access such logs?
- Aggregation: Does the standard facilitate aggregation of location information on specific users or users generally? Does the specification create persistent unique identifiers?
Taken together, this is a great list, and expands in important ways on existing guidelines, such as the CTIA Best Practices and Guidelines for LBS. Although perhaps an implementation detail, I might add one item: Uniform Privacy Management Interface. As LBS services proliferate, it will become more difficult for the end user to effectively manage location privacy. Providing a unified, consistent interface for managing access to location across services will be critical to ensuring the simplicity and transparency necessary to safeguard user privacy.
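To make the criteria above concrete, here is an added example (not code from the original post or from the Berkeley study) of a small client-side broker that applies several of them to fixes returned by the W3C Geolocation API: per-recipient policies set by the user (User Control, Consent, Distribution), coordinate rounding (Minimization), a time limit on how long a fix may be handed out (Retention), and a request log (Transparency and Feedback). The recipient origins, policy fields and sample position are constructed for the example; in a page the position would come from `navigator.geolocation.getCurrentPosition`.

```javascript
// Added example, not part of the original post or the Berkeley study.
// Policy field names (allow, decimals, retainMs) are assumptions for this demo.
class LocationBroker {
  constructor() {
    this.policies = new Map(); // origin -> { allow, decimals, retainMs }
    this.log = [];             // every request, granted or refused
  }
  // User Control / Consent: the user, not the requester, sets the policy
  // per recipient origin (Distribution: nothing is released to unlisted origins).
  setPolicy(origin, { allow, decimals = 2, retainMs = 60_000 }) {
    this.policies.set(origin, { allow, decimals, retainMs });
  }
  // Minimization: round to `decimals` places (1 decimal ~ 11 km, 2 ~ 1 km).
  static coarsen(value, decimals) {
    const f = 10 ** decimals;
    return Math.round(value * f) / f;
  }
  // Hand a Geolocation Position to `origin` under the user's policy.
  // Returns null (and logs the refusal) when no policy allows it or the
  // fix is older than the retention limit.
  release(origin, position, now = Date.now()) {
    const policy = this.policies.get(origin);
    const age = now - position.timestamp;
    const granted = !!policy && policy.allow && age <= policy.retainMs;
    this.log.push({ origin, at: now, granted });          // Transparency
    if (!granted) return null;
    const { latitude, longitude, accuracy } = position.coords;
    const d = policy.decimals;
    return {
      latitude: LocationBroker.coarsen(latitude, d),
      longitude: LocationBroker.coarsen(longitude, d),
      // Reported accuracy can be no better than the rounding grid
      // (about 111 km per degree of latitude).
      accuracy: Math.max(accuracy, 111_000 / 10 ** d),
      expiresAt: position.timestamp + policy.retainMs,     // Retention
    };
  }
}

// Constructed sample in the shape of the W3C Position interface, i.e. what
// navigator.geolocation.getCurrentPosition passes to its success callback.
const samplePosition = {
  coords: { latitude: 37.871593, longitude: -122.272747, accuracy: 15 },
  timestamp: 1_700_000_000_000,
};
```

The log lets the user review who asked for location and when, which is the "easy access to such logs" the Transparency criterion calls for.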
