• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
Location & Privacy; from OMG! to WTF?
 

Location & Privacy; from OMG! to WTF?

on

  • 3,939 views

"Location & Privacy; from OMG! to WTF?"; presented on March 12th. 2010 at WhereCamp EU 2010 at wallacespace King's Cross in London. ...

"Location & Privacy; from OMG! to WTF?"; presented on March 12th. 2010 at WhereCamp EU 2010 at wallacespace King's Cross in London.

This is a recapped version of a talk of the same name I gave at Embedded Connectivity in January 2010 (http://www.slideshare.net/vicchi/location-privacy-from-omg-to-wtf)

Statistics

Views

Total Views
3,939
Views on SlideShare
3,926
Embed Views
13

Actions

Likes
1
Downloads
23
Comments
0

2 Embeds 13

http://londonfirst.dev01.maverick.local 12
http://www.slideshare.net 1

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment
  • Computers like numeric identifiers; coordinates such as long/latIP addressesCell tower IDsPublic WiFi MAC addresses
  • … in a mail-shot marketing database
  • … your entry in the Phone Book
  • … on the local electoral roll
  • In a cold call marketing database
  • … in a mail-shot marketing database
  • … or in the whois entry for your domain.
  • You should be able to define and control the accuracy and privacy of your location as supported within any given application, including separate levels for personal use and public use if possible. You should expect and understand how your location data may be aggregated or obfuscated to prevent ‘reverse identification’ from historical location data patterns stored in the applicationYou should have the right to remove any and all personally identifiable data from the application at any time, and suspend or stop providing location data indefinitely until re-authorized by the user. If you choose to remove personally identifiable information you should expect and understand how your data will be obfuscated or deleted from the application immediately and in it’s entirety. You should know when and how your location is being captured or used within the application, and have the ability to stop or limit access at any time. This provides transparency and trust, while giving you flexibility and control within context of the application.You should understand exactly what personal data and location information is necessary for the service or application, and prohibit access to any additional or unnecessary information unless authorized. If the application supports multiple user experiences dependent on additional information, the functionality and requirements should be clearly communicated and you should be given the option to authorize or restrict additional information as requested.
  • You own your data – always. You can choose to grant worldwide, non-exclusive, revocable access to their location data and it’s use within an application, but your data and any data it generates should always remains within your ownership and control. You should have the right to give or revoke permission to your personal data and any location data you generate at any time. Standard security methods for privacy and protection, such as OAuth or public/private key encryption, give the you the ability to share or remove access easily and immediately, at any time. All data collection is ‘opt-in’ and includes the ability to view, control, and delete any and all locations in the application or stop providing location data at any time, easily and without undue “hassle”.You should be able to understand how your personal data and location will be used before agreeing to any service, in unambiguous and easily understood language that is always readily available. Any changes should be proactively communicated, and cover basic areas of privacy and security such as:• Accuracy – will your location information be accurate at the street, neighborhood or city level?• Location History – will your location information be stored or tracked beyond ‘current’ location? • Public Visibility – will your location be made public or visible outside of your own personal use? • Sharing – will your location be shared with other users, applications, or services in any way? How?Your location data should be protected at all times for both privacy and personal safety, you should demand and expect encryption and authentication controls at every level. Data should never be left vulnerable or exposed to uses other than that which you have given explicit permission.
  • You should know exactly how your data is used and stored beyond its own use within the application, and demand security and privacy controls in place to remove any identifiable information. You should understand that aggregated and anonymous location data can be used for additional features and functionality, and will be responsibly managed by the application in compliance with local, state, and federal laws.You provide their data and consent to applications based on honesty, transparency, and trust with its owners and developers under the terms of service or legal agreements. Any transgression or violation of that honesty and transparency on the part of an application or its developers will not be tolerated, and may be subject to prosecution under local, state, or federal laws.You should have the right to provide a location as your own source of truth, separate from your actual or detected location, and have the stated location respected over the actual location. In other words, you should be able to lie about where you are.
  • Your location is both powerful and valuable. It’s far less about where you currently are …
  • Your location is both powerful and valuable. It’s far less about where you currently are …
  • … and much more about where you’ve been; home, school, work, holiday. Let’s call this your location stream. It’s deeply personal information. I touched on responsible, well thought out, location services but how do you tell? There’s some pretty crucial questions you should ask yourself before you start to use a location service, any location service. So here’s a list of points you should bear in mind when deciding on whether to use a location service ... call it an “opt in location manifesto”
  • Your location is both powerful and valuable. It’s far less about where you currently are …
  • These are not decisions someone can make for you. You, as an individual, need to assess whether you feel comfortable with allowing a third party access, albeit limited access, to your data and to your location.

Location & Privacy; from OMG! to WTF? Location & Privacy; from OMG! to WTF? Presentation Transcript