You're probably aware that Google has been mapping the location of everyone's wireless network access points. You may not be aware that other companies, such as Skyhook, have been doing the same thing for quite a while. They both use the information to help work out where you are so that their mapping applications work faster and more accurately.
Google has also been capturing some of the data transmitted over the wireless networks too (if they weren't protected by encryption). A number of countries, including New Zealand, are investigating whether this is in breach of their privacy or bugging laws.
Is this information private?
Is it wrong to capture this data?
There seems to be general agreement that the mere fact that you have a wireless network at a particular location should be free for anyone to detect and record. It's the electronic equivalent of the number on your letterbox.
On the other hand, most people seem to agree that capturing the content of the network data is wrong. However, some people have claimed that if you broadcast your information to the world and don't secure it with encryption, can you really expect it to be private?
But this article isn't about that.
Harmless information can become revealing
This article is about the way that a piece of information that used to be innocuous can now be used to reveal personal information about you.
Ten years ago when I got my first wireless network the network details (SSID name and MAC) couldn't be used for anything and there was no reason for me to try to keep it secret. This has changed - now it's possible to use that information to look up my location.
Obviously this doesn't matter if someone is receiving the information directly from my wireless access point by standing next to my house - they already know where I am. But what if the information leaks onto the net somehow? This could happen a number of ways:
- Crash reports sent back to the supplier when an app or the OS crashes.
- Malware such as trojans, viruses and adware.
- A screenshot of some network configuration data I've posted to a support forum.
- The web browser could tell them (although it currently asks the user for permission).
There's probably no need to worry too much about this yet. On the other hand, you can be sure that there are a number of people trying to think of ways to exploit this information to make money either legally or illegally.
How harmless is that photo?
What other information are you releasing now that could be used in ways that you can't imagine in the future?
Take the example of photos. Uploading photos to a public website once didn't have any serious privacy issues. It was pretty easy to look at the content of the photos and decide whether you minded people seeing them or not.
Then photos started including location data - and suddenly someone could look at the photo of your house online and work out exactly where you lived. The obvious reaction, at least for the savvy user, is to make sure that they strip out the location before uploading the photo. Problem solved? Not any more. New photo processing tools such as Google Goggles can analyse a photo and work out what or who the photo is of and possibly where it was taken.
This means that photos that you feel comfortable uploading now may become more revealing than you realised as image processing and data matching technology improves.
More and more information is moving to the internet. We publish photos, update our Facebook status, chat to our friends, organise social events, etc. This raw data is increasingly being collated, matched, analysed and processed into information. Patterns are found and conclusions can be drawn about you that you may not even know yourself. Harmless data you publish now may turn out to infringe your privacy in the future.
To maintain your privacy now and in the years to come there are two things you should do:
- Carefully consider what the implications are before revealing information about yourself online. Assume that everything you publish will be linked back to you.
- Support changing our privacy laws to keep up with the changes in technology.
At Tech Liberty we support privacy as an inherent human right. New Zealand's Privacy Act is currently being reviewed and we'll be making submissions in an attempt to improve its ability to cope with technological change.