Hmm - but unacceptable to whom? There are definitely times when I am perfectly comfortable self-asserting a false location. In fact, I'd go further and say that in general, I have no use for location-based services… To be honest, I think service providers often get the location-based services argument the wrong way round; what's useful to me, as a user, is the ability to go online and locate something (say, a restaurant) regardless of *my* current location. (So, for instance, I can find out where my hotel in San Diego for next week is, even though I'm in the UK). I am less interested in passively disclosing my location so that I can be told what is in my immediate vicinity.
I take Martin's point about location fuzzing: the fact that I state a false location on Twitter won't fool someone who carefully monitors the times at which I tweet… they will quickly figure out that either I often tweet at 3 in the morning, or I'm not where I claim to be. But I think we should be careful about how we frame the problem and the potential goals. It is almost certainly not realistic to aim make it impossible for anyone to de-identify any data about me: in privacy terms, it's more viable to aim to raise the threshold of data needed for *some* third parties to infringe my privacy. The EU Article 29 Working Group implies this with its findings on what constitutes personal data. Their view is that some items of data (such as an IP address) are sometimes personally identifiable and sometimes not, depending on whether a third party is in a position to link them to other data items. Thus, as far as my ISP is concerned, my IP address is easy to link with a subscriber address… whereas to most other third parties, it is a relatively fuzzy identifier. Bottom line: I'm not sure if the required action here is further research work or changes to the draft, but I do think the problem would benefit from being explored and defined more fully… HTH, Robin Robin Wilton Technical Outreach Director - Identity and Privacy Internet Society email: [email protected] Phone: +44 705 005 2931 Twitter: @futureidentity
_______________________________________________ ietf-privacy mailing list [email protected] https://www.ietf.org/mailman/listinfo/ietf-privacy
