Threat Level: green Handler on Duty: Basil Alawi S.Taher

SANS ISC: InfoSec Handlers Diary Blog - Gathering and use of location information fears - or is it all a bit too late InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Gathering and use of location information fears - or is it all a bit too late

Published: 2011-04-28
Last Updated: 2011-04-28 02:25:24 UTC
by Chris Mohan (Version: 1)
7 comment(s)

With all the excitement in the media at the moment about vendors being able to track our every move*, Apple have released Q&A [1] on what data they actually track on the iPhone.

It's an interesting enough read and may calm the fears of some of being tracked. Or perhaps not.

The Internet Storm Center has published a number of stories on data being collected, in a delightful variety of ingenious ways, then sold to marketers to gain a better insight in to how to get the consumer to spend more money. This wealth of information from raw data has huge applications and, as an example, the Dutch Police took the initiative. They bought data from TomTom to place speed traps and cameras [2], which is a very sneaky idea and much more accurate for revenue generation that building them on busy roads. In case you were attempting new land speed records on Dutch roads, all the data purchase was anonymous, so you're safe from the digital arm of the law...

The part of this story that is thought-provoking comes from customer pressure on TomTom to stop doing this. TomTom have agreed and changed their policy on-selling the traffic data.

 When many raise their voices in complaint, threaten to leave the service and create negative publicity does it make a different to the mega corporations? Or have we simply lost this battle all ready as we signed, check-boxed or clicked "agree" a EULA [3] giving our acceptance to track, monitor, use and sell any data generated.

 I'll leave it up to you to decide if consumer power is one thing that can make a difference once you discover something is tracking your every move.

Of course, if you constantly updating your location in FourSquare, Facebook, Twitter et al while using your loyalty cards then you may not care in the first place.

[1] http://www.apple.com/pr/library/2011/04/27location_qa.html

 [2] http://www.engadget.com/2011/04/27/tomtom-user-data-sold-to-danish-police-used-to-determine-ideal/

 [3] http://www.webopedia.com/TERM/E/EULA.html

 

*Fancy that - I mean it's not like I'm carrying at least two items that bleat out my location every few seconds that are designed so people can get in contact wherever I am. Plus I pay a small fortune for the privilege to own the lovely, shiny devices - I could be my own privacy's own worst enemy. Hmmm.

Chris Mohan --- Internet Storm Center Handler on Duty

7 comment(s)
Diary Archives