On 2017-09-08 14:40:46 +0000, Martin Coffee said:

On 08/09/17 15:00, Sam Wilson wrote:
On 2017-09-08 13:18:33 +0000, Martin Coffee said:

On 08/09/17 14:03, Recliner wrote:
[snip]
[TfL] said it was talking to the Information Commissioner’s Office about its
plans and passengers could opt out by switching their wifi off. It said
that the phone data was “de-personalised�, with nothing to identify
individuals.

The system works by using 1,070 wifi access points on the Tube network.
They pick up on a code that identifies each phone, the media access control
(MAC) address, and track them from point to point.

Each MAC address was “irreversibly� encrypted, TfL said. Prior to
encryption, a random code is added to each to ensure that the phone cannot
be identified even if the encryption could be reversed. No browsing data
was collected, meaning that emails and the internet habits of passengers
could not be shared with third parties.
[snip]
Let's face it. Even if encrypted, you cannot anonymise a MAC address
as it is unique to each phone.

You can turn it into something that can't be (realistically) turned
back into a MAC address that can be used to identify the
phone/tablet/laptop/whatever.

You don't have to turn the "anonymised" back to a MAC address to
de-anonymise the data. You just encrypt a MAC address and identify the
location data in just the same manner as the tracking occurs. Thus the
location can still be re-associated with the original MAC address.

Sure, if you know a particular MAC address and the encryption procedure
and access to the location data then you may be able (and I note Dr B's
comments in his response) to recreate the key and therefore track the
MAC address. Most of us (and I again I bow to Dr B) probably can't do
that.

There has been recent suggestions that it might become a criminal
offence to de-anonymise anonymised personal information. It seems to
me that this legislation is urgently needed.

Surely the most likely people to want to do this would be criminals
anyway, so criminalising their activities seems slightly pointless.
Deterring casual peepers is probably worth doing.

Sam

--
The University of Edinburgh is a charitable body, registered in
Scotland, with registration number SC005336.

On 08/09/2017 17:34, Sam Wilson wrote:
On 2017-09-08 14:40:46 +0000, Martin Coffee said:

On 08/09/17 15:00, Sam Wilson wrote:
On 2017-09-08 13:18:33 +0000, Martin Coffee said:

On 08/09/17 14:03, Recliner wrote:
[snip]
[TfL] said it was talking to the Information Commissioner’s Office
about its
plans and passengers could opt out by switching their wifi off. It
said
that the phone data was “de-personalised�, with nothing to identify
individuals.

The system works by using 1,070 wifi access points on the Tube
network.
They pick up on a code that identifies each phone, the media access
control
(MAC) address, and track them from point to point.

Each MAC address was “irreversibly� encrypted, TfL said. Prior to
encryption, a random code is added to each to ensure that the phone
cannot
be identified even if the encryption could be reversed. No browsing
data
was collected, meaning that emails and the internet habits of
passengers
could not be shared with third parties.
[snip]
Let's face it.Â* Even if encrypted, you cannot anonymise a MAC
address as it is unique to each phone.

You can turn it into something that can't be (realistically) turned
back into a MAC address that can be used to identify the
phone/tablet/laptop/whatever.

You don't have to turn the "anonymised" back to a MAC address to
de-anonymise the data.Â* You just encrypt a MAC address and identify
the location data in just the same manner as the tracking occurs.
Thus the location can still be re-associated with the original MAC
address.

Sure, if you know a particular MAC address and the encryption procedure
and access to the location data then you may be able (and I note Dr B's
comments in his response) to recreate the key and therefore track the
MAC address.Â* Most of us (and I again I bow to Dr B) probably can't do
that.

Surely the most likely people to want to do this would be criminals
anyway, so criminalising their activities seems slightly pointless.
Deterring casual peepers is probably worth doing.

Surely the problem is if this becomes widespread as eventually you'll
get enough data to identify not just the phone but the individual.

It's fine if it's kept to the tube, but let's take the advertising
angle, presumably the advertisers won't be satisfied with just knowing
what the busiest platform is but would prefer to target their adverts to
one or more groups of people on that platform.

By hooking up a similar system with retailers they work out that of the
group on the platform at 08:30 a significant proportion are e.g.
Waitrose shoppers. And it then goes on and on until you end up pretty
much being able to identify the iindividual, what they buy, where they
live etc without actually ever using any personally identifiable
information.

I'm not sure of the relevant legislation but presumably the only way to
avoid this is that each entity having such a system has to have a
different algorithm (or at least key) for anonymising the MAC data so
each data set remains siloised (but would the supplier of the system
still be able to join the different datasets?)

On 09/09/2017 10:37, Someone Somewhere wrote:
On 08/09/2017 17:34, Sam Wilson wrote:
On 2017-09-08 14:40:46 +0000, Martin Coffee said:

On 08/09/17 15:00, Sam Wilson wrote:
On 2017-09-08 13:18:33 +0000, Martin Coffee said:

On 08/09/17 14:03, Recliner wrote:
[snip]
[TfL] said it was talking to the Information Commissioner’s Office
about its
plans and passengers could opt out by switching their wifi off. It
said
that the phone data was “de-personalised�, with nothing to identify
individuals.

The system works by using 1,070 wifi access points on the Tube
network.
They pick up on a code that identifies each phone, the media
access control
(MAC) address, and track them from point to point.

Each MAC address was “irreversibly� encrypted, TfL said. Prior to
encryption, a random code is added to each to ensure that the
phone cannot
be identified even if the encryption could be reversed. No
browsing data
was collected, meaning that emails and the internet habits of
passengers
could not be shared with third parties.
[snip]
Let's face it.Â* Even if encrypted, you cannot anonymise a MAC
address as it is unique to each phone.

You can turn it into something that can't be (realistically) turned
back into a MAC address that can be used to identify the
phone/tablet/laptop/whatever.

You don't have to turn the "anonymised" back to a MAC address to
de-anonymise the data.Â* You just encrypt a MAC address and identify
the location data in just the same manner as the tracking occurs.
Thus the location can still be re-associated with the original MAC
address.

Sure, if you know a particular MAC address and the encryption
procedure and access to the location data then you may be able (and I
note Dr B's comments in his response) to recreate the key and
therefore track the MAC address.Â* Most of us (and I again I bow to Dr
B) probably can't do that.

Surely the most likely people to want to do this would be criminals
anyway, so criminalising their activities seems slightly pointless.
Deterring casual peepers is probably worth doing.

Surely the problem is if this becomes widespread as eventually you'll
get enough data to identify not just the phone but the individual.

It's fine if it's kept to the tube,Â* but let's take the advertising
angle,Â* presumably the advertisers won't be satisfied with just knowing
what the busiest platform is but would prefer to target their adverts to
one or more groups of people on that platform.

By hooking up a similar system with retailers they work out that of the
group on the platform at 08:30 a significant proportion are e.g.
Waitrose shoppers.Â* And it then goes on and on until you end up pretty
much being able to identify the iindividual, what they buy, where they
live etc without actually ever using any personally identifiable
information.

I'm not sure of the relevant legislation but presumably the only way to
avoid this is that each entity having such a system has to have a
different algorithm (or at least key) for anonymising the MAC data so
each data set remains siloised (but would the supplier of the system
still be able to join the different datasets?)


Shopping malls have been doing a similar thing to send you "targetted
adverts" as you approach various shops.



--
Graeme Wall
This account not read.

Graeme Wall writes:

Shopping malls have been doing a similar thing to send you "targetted
adverts" as you approach various shops.

How effective is this? Maybe I am unusual, but when I am shopping my
phone is normally in my pocket, so I would not see these adverts. Apart
from incoming (phone) calls, the only time I would look at my phone in a
shopping mall is when sat in a coffee shop or restaurant.

On 09/09/2017 13:16, Graham Murray wrote:
Graeme Wall writes:

Shopping malls have been doing a similar thing to send you "targetted
adverts" as you approach various shops.

How effective is this? Maybe I am unusual, but when I am shopping my
phone is normally in my pocket, so I would not see these adverts. Apart
from incoming (phone) calls, the only time I would look at my phone in a
shopping mall is when sat in a coffee shop or restaurant.


I believe it has only happened in the States so far, but judging by the
number of young women one sees walking round with their smart phones
permanently in front of their faces, it has the potential to be quite
effective. Also I think the initial adverts are text messages so you
would hear an alert.

--
Graeme Wall
This account not read.

In message , at 19:11:52 on Sat, 9 Sep 2017,
Graeme Wall remarked:

Shopping malls have been doing a similar thing to send you
"targetted
adverts" as you approach various shops.
How effective is this? Maybe I am unusual, but when I am shopping my
phone is normally in my pocket, so I would not see these adverts. Apart
from incoming (phone) calls, the only time I would look at my phone in a
shopping mall is when sat in a coffee shop or restaurant.

I believe it has only happened in the States so far

They had a trial at Bluewater really quite a long time ago. I can't be
bothered to look it up, but around ten years perhaps?
--
Roland Perry

On 09/09/2017 19:15, Roland Perry wrote:
In message , at 19:11:52 on Sat, 9 Sep 2017,
Graeme Wall remarked:

Shopping malls have been doing a similar thing to send you "targetted
adverts" as you approach various shops.
Â*How effective is this? Maybe I am unusual, but when I am shopping my
phone is normally in my pocket, so I would not see these adverts. Apart
from incoming (phone) calls, the only time I would look at my phone in a
shopping mall is when sat in a coffee shop or restaurant.

I believe it has only happened in the States so far

They had a trial at Bluewater really quite a long time ago. I can't be
bothered to look it up, but around ten years perhaps?

As long as that? There was a piece about it in New Scientist a few
years back.

--
Graeme Wall
This account not read.

Graeme Wall wrote:
On 09/09/2017 13:16, Graham Murray wrote:
Graeme Wall writes:

Shopping malls have been doing a similar thing to send you "targetted
adverts" as you approach various shops.

How effective is this? Maybe I am unusual, but when I am shopping my
phone is normally in my pocket, so I would not see these adverts. Apart
from incoming (phone) calls, the only time I would look at my phone in a
shopping mall is when sat in a coffee shop or restaurant.


I believe it has only happened in the States so far, but judging by the
number of young women one sees walking round with their smart phones
permanently in front of their faces, it has the potential to be quite
effective. Also I think the initial adverts are text messages so you
would hear an alert.


Texts would be more difficult that just tailoring already-requested
advertising to your specific location, surely? Though presumably very local
mobile (rather than wifi) transmitters would be able to harvest phone
numbers; by wifi that'd need some way of finding phone numbers from
whatever info wifi can harvest.


Anna Noyd-Dryver

Graeme Wall wrote:
On 09/09/2017 10:37, Someone Somewhere wrote:
On 08/09/2017 17:34, Sam Wilson wrote:
On 2017-09-08 14:40:46 +0000, Martin Coffee said:

On 08/09/17 15:00, Sam Wilson wrote:
On 2017-09-08 13:18:33 +0000, Martin Coffee said:

On 08/09/17 14:03, Recliner wrote:
[snip]
[TfL] said it was talking to the Information Commissioner’s Office
about its
plans and passengers could opt out by switching their wifi off. It
said
that the phone data was “de-personalised�, with nothing to identify
individuals.

The system works by using 1,070 wifi access points on the Tube
network.
They pick up on a code that identifies each phone, the media
access control
(MAC) address, and track them from point to point.

Each MAC address was “irreversibly� encrypted, TfL said. Prior to
encryption, a random code is added to each to ensure that the
phone cannot
be identified even if the encryption could be reversed. No
browsing data
was collected, meaning that emails and the internet habits of
passengers
could not be shared with third parties.
[snip]
Let's face it.Â* Even if encrypted, you cannot anonymise a MAC
address as it is unique to each phone.

You can turn it into something that can't be (realistically) turned
back into a MAC address that can be used to identify the
phone/tablet/laptop/whatever.

You don't have to turn the "anonymised" back to a MAC address to
de-anonymise the data.Â* You just encrypt a MAC address and identify
the location data in just the same manner as the tracking occurs.
Thus the location can still be re-associated with the original MAC
address.

Sure, if you know a particular MAC address and the encryption
procedure and access to the location data then you may be able (and I
note Dr B's comments in his response) to recreate the key and
therefore track the MAC address.Â* Most of us (and I again I bow to Dr
B) probably can't do that.

Surely the most likely people to want to do this would be criminals
anyway, so criminalising their activities seems slightly pointless.
Deterring casual peepers is probably worth doing.

Surely the problem is if this becomes widespread as eventually you'll
get enough data to identify not just the phone but the individual.

It's fine if it's kept to the tube,Â* but let's take the advertising
angle,Â* presumably the advertisers won't be satisfied with just knowing
what the busiest platform is but would prefer to target their adverts to
one or more groups of people on that platform.

By hooking up a similar system with retailers they work out that of the
group on the platform at 08:30 a significant proportion are e.g.
Waitrose shoppers.Â* And it then goes on and on until you end up pretty
much being able to identify the iindividual, what they buy, where they
live etc without actually ever using any personally identifiable
information.

I'm not sure of the relevant legislation but presumably the only way to
avoid this is that each entity having such a system has to have a
different algorithm (or at least key) for anonymising the MAC data so
each data set remains siloised (but would the supplier of the system
still be able to join the different datasets?)


Shopping malls have been doing a similar thing to send you "targetted
adverts" as you approach various shops.


'Send you' by what means?


Anna Noyd-Dryver

"Anna Noyd-Dryver" wrote in message
news

Shopping malls have been doing a similar thing to send you "targetted
adverts" as you approach various shops.


'Send you' by what means?

Targeted ads via Facebook, Twitter, Google or any other apps on your phone
thgat have access to your location.

It's not necessary for you to have a 'phone switched on in order for you to
be tracked: Gatwick airport (a shopping mall if ever there was one) have a
system that does it all with CCTV and face recognition. It's all about
working out how long it takes people to get through the airport and the
places they visit on the way, especially for departures.

I visited a consumer technology exhibition at one of the clients I was
working at a few years ago. We were invited to stand in front of a camera
and watch on a nearby screen while a system worked our age, sex, social
class and other information, displaying the results next to our faces on the
screen. For me it was fairly close within a few seconds (certainly close
enough for targeting ads) and very accurate within a minute. I think the
other information included how we were feeling that day...

--
DAS