Londoners Tracked By Advertising Firm's Trash Cans
schwit1 asks "How can I automatically have my wi-fi turn off when I leave the house unless I specifically turn it back on?" and provides this excerpt from Wired to illustrate why that would be useful: "Hundreds of thousands of pedestrians walking past 12 locations unknowingly had the unique MAC address of their smartphones recorded by Renew London. Data including the 'movement, type, direction, and speed of unique devices' was recorded from smartphones that had their Wi-Fi on. First reported by Quartz, the data gathering appears to be a Minority Report-esque proof-of-concept project, demonstrating the possibility for targeted personal advertising. 'It provides an unparalleled insight into the past behavior of unique devices — entry/exit points, dwell times, places of work, places of interest, and affinity to other devices — and should provide a compelling reach data base for predictive analytics (likely places to eat, drink, personal habits etc.),' reads a blog post on the company's site. In tests running between 21-24 May and 2-9 June, over 4 million events were captured, with over 530,000 unique devices captured. Further testing is taking place at sites including Liverpool Street Station." (The name sounds a bit like a government project, but Renew London is actually an advertising / marketing firm.)
The 802.11 protocol does not require cell phones to broadcast their MAC addresses. Phones do it so that they can discover nearby networks faster, but it is completely optional.
Except, of course, that it does. In order to associate to an access point, you have to send your MAC address. [...]
To discover a nearby access point 802.11 only requires that you listen for the broadcast.
To connect to it, yes, you need to exchange MAC addresses - but this is only required if you actually want to connect to the AP.
The GP is correct, actively throwing your MAC address around to networks you have no desire to connect to is not required by the protocol and should be disabled by default.
Now, if your phone wants to go whoring around with every open AP just to save on wireless data transfer, that's a different problem...
Probably also something that should be disabled by default.
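As an added illustration of the distinction drawn in the comments above (not code from any commenter or from Renew London), this Python sketch decodes 802.11 management-frame headers from a capture of your own device and reports which frames carried its MAC address, and whether each was a frame the protocol needs for connecting. The frames and addresses are constructed samples, and `mac_exposures` and `build_frame` are hypothetical helper names.

```python
import struct

BROADCAST = b"\xff" * 6
# Management-frame subtypes (frame type 0) relevant to this discussion; not exhaustive.
SUBTYPES = {0: "association request", 4: "probe request", 5: "probe response",
            8: "beacon", 11: "authentication"}
# Frames a client must send to join an AP it has chosen.
NEEDED_TO_CONNECT = {"authentication", "association request"}

def parse_mgmt_header(frame):
    """Decode the fixed 24-byte management header; None if not a management frame."""
    if len(frame) < 24:
        raise ValueError("truncated 802.11 header")
    (fc,) = struct.unpack_from("<H", frame, 0)       # frame control, little-endian
    ftype, subtype = (fc >> 2) & 0x3, (fc >> 4) & 0xF
    if ftype != 0:
        return None
    return {"subtype": SUBTYPES.get(subtype, f"subtype {subtype}"),
            "receiver": frame[4:10],                  # Address 1
            "transmitter": frame[10:16]}              # Address 2

def mac_exposures(frames, my_mac):
    """Return (frame kind, needed_to_connect) for every frame my_mac transmitted."""
    found = []
    for frame in frames:
        hdr = parse_mgmt_header(frame)
        if hdr is None or hdr["transmitter"] != my_mac:
            continue  # e.g. beacons sent by APs: heard passively, nothing sent by us
        # Probe requests are optional active discovery; authentication and
        # association are where the protocol genuinely needs our address.
        found.append((hdr["subtype"], hdr["subtype"] in NEEDED_TO_CONNECT))
    return found

def build_frame(subtype, receiver, transmitter, bssid):
    """Constructed sample: frame control, duration, three addresses, sequence control."""
    return (struct.pack("<HH", subtype << 4, 0)
            + receiver + transmitter + bssid + b"\x00\x00")

# Constructed, locally administered addresses; not taken from any real capture.
PHONE = bytes.fromhex("0200005e0001")
AP = bytes.fromhex("0200005e00fe")
PASSIVE = [build_frame(8, BROADCAST, AP, AP)]                      # phone only listens
ACTIVE = PASSIVE + [build_frame(4, BROADCAST, PHONE, BROADCAST),   # phone probes
                    build_frame(0, AP, PHONE, AP)]                 # phone associates

if __name__ == "__main__":
    print("passive scan:", mac_exposures(PASSIVE, PHONE))
    print("active scan :", mac_exposures(ACTIVE, PHONE))
```

Any exposure flagged `False` is one the device could have avoided by listening for beacons instead of probing.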
Here are a few simple rules I follow to try and mitigate the amount of my data that third-parties can get their hands on, at least as far as mobile devices are concerned:
1. Turn Wi-Fi on only when you're around trusted (or at least known) APs. This would be at work, home, friends' houses, etc. Out in public, that's why I pay for an LTE connection, no worries about Starbucks or Target's Wi-Fi doing anything nefarious. Keep Wi-Fi off unless you actually plan on using it.
2. Turn Bluetooth on only when you plan on using it. For me, this is when I'm using my headset at work, which is rare as I would rather use my desk phone, or when I'm streaming music to my car radio or home audio system. Otherwise, I try to keep it off.
3. When I don't need push email, data is turned off altogether. Yep, a really smart dumbphone until I need it to be an actual internet connected smartphone. This means that real-time tracking data is at least only stored until the next time I connect.
4. What you say about tracking transmission on licensed cellular bands, if true, I guess turn the damn thing off when you don't need it is as good a solution as any, but now you're defeating the purpose of having a mobile device at all. As far as Target tracking ESNs and anything going across licensed cellular bands, here in the States at least, it runs afoul of numerous laws and FCC regulations, and I hope that if they are doing this (I really have a "citation needed" in my head on that one) that they find out really quick why they shouldn't be.
I realize how ridiculous it sounds to be turning connections on and off all the time, but that's only until I think about how ridiculous it is that every device is trying to grab my MAC addresses and make a profile on me. I also realize that governments and service providers are going to know, at the very least, where I am at all times based on which cell site I'm connected to, at least until when (or if) the time comes that we can get stronger privacy legislation passed and actually taken seriously. But just because the 3-letter agencies and cellular providers know, doesn't mean every questionable app I've ever installed and every trash bin I pass by also needs to know.
Long story short, only use what you need, when you need it, and never trust third party apps or infrastructure unless you have a good reason to, which is almost never as far as I'm concerned.