Bug#958497: geoclue-2.0 violates GDPR
Hello, I disagree with your opinion on this. I think that users should be aware that their SSIDs are visible and by deliberately broadcasting it, they agree that anybody can hear it and record it including any bad actors. They can always use the hide SSID feature. I think that in this case it's more like going outside and shouting something and then complaining that somebody heard that and even recorded that. Michel Le Bihan
Bug#958497: geoclue-2.0 violates GDPR
Package: geoclue-2.0 Version: 2.5.6-1 Severity: serious The geoclue package collects SSIDs in the neighborhood and sends them to Mozilla location services. The SSID of an adhoc network (which for instance is set up for tethering via a mobile phone) is personally identifiable information. Sending this information about a third person without his or her explicit consent to another party especially one outside of the European Union is in breach of the German law Datenschutz-Grundverordnung which is the German implementation of the European General Data Protection Regulation (GDPR). The easiest remedy would be to remove the package from the repository until it is fixed upstream to be compliant. Cf. https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=924516 src/gclue-config.c:219: #define DEFAULT_WIFI_URL "https://location.services.mozilla.com/v1/geolocate?key=; MOZILLA_API_KEY #define DEFAULT_WIFI_SUBMIT_URL "https://location.services.mozilla.com/v1/submit?key=; MOZILLA_API_KEY Best regards Heinrich Schuchardt
