+1, plus a small further comment: Paul says "if this feature didn't exist, we'd 
have to invent an overt equivalent" as if that's a bad thing.

>From my perspective, that kind of design decision ought always to be an overt 
>one - especially where, as Stephen implies, an occasional use-case 
>(trouble-shooting) is used as the justification for a permanent default with 
>privacy implications (linkable, semantically-loaded MAC address).

I recommend Michelle Dennedy's book, The Privacy Engineer's Manifesto, and 
Sarah Spiekermann's book on Value-based Design, for useful and informative 
guidance in this area.

Hope this is of use,

Robin Wilton

Technical Outreach Director - Identity and Privacy

On 14 Oct 2016, at 17:07, "Stephen Farrell" <stephen.farr...@cs.tcd.ie> wrote:

> On 14/10/16 15:55, Paul Kyzivat wrote:
>> When looking at devices seen on WiFi the vendor ID is often displayed
>> and used to figure out which device is which, to correlate problem
>> symptoms with likely causes, and many other reasons.
> How often? Compared to how often those are uselessly sent?
> (With the privacy downsides applying in all cases.)
> I'm not saying that the "I need to debug stuff" arguments
> for access to information are baseless, but I do think we
> (techies) to better consider the privacy implications of
> things like that.
> S.
> _______________________________________________
> perpass mailing list
> perpass@ietf.org
> https://www.ietf.org/mailman/listinfo/perpass

perpass mailing list

Reply via email to