Why hasn't anyone built logic for when to share what
- DNS blacklist
- Location
- Presence availability - "working" turns you invisible
Our data is already out there - should we worry?
Hi rsarver
mylocation.kml?key=q2349askjadf - revokable
build it! Show what it looks like and what the repercussions may be
Seth putting publicly share logging tool that you control
Control sharing at the device level?
Worry stifles innovation - Dopplr had to limit API
anyway for a user to audit tracking?
Not just stalkers - can we trust gov't? "look near a crime - anyone here is a suspect"
"youth" assume a utopia?
it's not "them", it's "us" - we're users and we're developers
Nathan Eagle's relationship mining - ContextAware
- mobile users don't really have opt-out, carriers already storing this information
Regulatory frameworks already exist in some countries
- Canada, location is already being stored
- Automobiles will be tracked soon
- UK has 30m CCD TV's with face tracking
Social Good vs. Bad balance
"Bad" is retrospective
We can't necessarily control the large effects, but we can casually control the cranks & pranks
Impact of relationships with privacy
- inferral due to proximity
- without explicit approval or against will?
People working on very hard solutions
Late start on de Bono Hats: http://en.wikipedia.org/wiki/Six_Thinking_Hats
White Hat
already doing
services for sharing
large entities already aggregating & using
e911 mandates are required to track location
users unaware of how much information is shared
stored: location, history, time, place, patterns, video, social graph, devices, actions (things you do, e.g. credit cards)
Red Hat
scares some people
misunderstanding
very exciting!
people want omniscience but anonymity
uncertainies
assumptions
voyeurism / exhibitionism
future impact
obsession
information overload
concern on association of guilt
evaluation of your behavior
what if someone gets access to the server
will people fake the location? by user/place
Yellow
fakeable
serendipity
growing social group
orgs are taking privacy seriously
tangible benefits
open discourse
we've learned from mistakes
know what to expect, kinda, so questions to ask
companies have policies & they are audited
Black
have we learned?
can you really fake? or just perceived fake "Can you really fake it?" -Tyler Bell (quoting something or other)
people are watching us
do we *really* have control?
no user-facing auditing
no recourse if it leaks
by not sharing we're losing capability/functionality
individuals can be picked out of the herd -
we're not all sharing the same risk
obscurity is hard, doesn't work as well as we think
Green
Geolocation potentially enables verifiable voting (implications)
Implement it and see how it goes
User feedback (should be public)
- Google user feedback as example
Location broker
- that does fuzzying, preferences
Precedence by services that can handle it well
allow users to have their own location brokering system that hooks in the rest of the ecosystem
Search capability to learn how the information is being propagated & long term storage
Provide choice
Companies can expose their auditing system - that they were audited?
Look at HIPA for what works & doesn't work
Reverse audit tracking - push onto services
- dead-man switch
- ways to see if info leaked, fake data bits
Demonstrate that users get benefit from sharing
Blue
go forth and demonstrate
bring awareness regarding existing government policy & how to move forward future policy
Best practices in implementing privacy
- FireEagle Developer Code of Conduct a good start
- others: LocationAware.org, geopriv
- Wiki or public discussions
look at temporal accuracy
Bring this issue up & discuss in public: family, friends, other conferences, blogs, mailing lists
Comments (0)
You don't have permission to comment on this page.