Location tracking -- a bill of rights?

Brian Smithson brian at grot.com
Thu Oct 13 04:55:01 PDT 2005 

[OK for IP if it's OK with you]

Dave,

I think Dennis' post about dodgeball gives a real life example of what I
think should be the basic "Bill of Rights" for tracking devices. This is
kind of rough, as I am making it up as I write. And pardon my wishful
thinking :-).

I. I should be informed of the existence of any tracking mechanism.

This would include those which are integral to a product like in a
cellphone, those which are deliberate add-ons like if "dodgeball" is
an app I'm installing on my phone, and those which are embedded for
some purpose unrelated to my own purpose like an RFID inventory-
tracking tag in a sweater that I'm buying. Many people don't know
that their phone can be used to track their location. Many more won't
know that their *sweater* could be used to track their location.

II. I should be able to turn the tracking function on and off.

Of course, this may render the item useless, like a cellphone which
can't communicate with its network. RFID companies won't like this
one because RFIDs usually have no external controls and cost is a
major factor in RFID adoption, so maybe it will be sufficient in some
cases to
simply be able to turn the function off (permanently). After I've bought
the sweater, inventory tracking is no longer needed.

III. I should be able to give explicit permission for trackers to track
me for specific purposes.

This would be like GLBA privacy laws, only let's try to make them
actually work :-). So the cellphone carrier could track me, but only for
the purpose of making the phone work unless I give them permission to
do something else with that information.

IV. I should be able to give permission through intermediaries.

For example, I might want to give my cellphone carrier permission to
give my tracking information to a third party for a particular
purpose. This could have multiple levels, such as if (through a third
party service, let's say dodgeball) I gave permission to Bob and
Carol but denied it to Ted and Alice.

V. I should own my tracking information.

Those who facilitate tracking would have a "license" to the tracking
data. I should be able to control how long it is retained by revoking
that license.

VI. Tracking facilitators are common carriers.

Let's say I have a Verizon phone. If I want Verizon to make my
tracking data available to another party, such a request should not
be unreasonably refused. In other words, if I want Verizon to make my
tracking data available to dodgeball, for example, they should not be
able to refuse and insist that I use their social networking service
instead.

VII. I should be able to access records of who has been tracking me,
when, and how.

This may not be easy all the way to a personal level, but we should try.
I can think of cases when I would want to know that on March 19th, Joe
Blow at the phone company looked at my location records for the month of
February. Or I might just want to know who location-enabled-spammed me
when I had not given anyone permission to do that.

VIII, IX, and X. I know there should be 10 rights, but I couldn't
think of them.

--
- Brian Smithson
  brian at grot.com


-------------------------------------
You are subscribed as eugen at leitl.org
To manage your subscription, go to
 http://v2.listbox.com/member/?listname=ip

Archives at: http://www.interesting-people.org/archives/interesting-people/

----- End forwarded message -----
--
Eugen* Leitl <a href="http://leitl.org">leitl</a>
______________________________________________________________
ICBM: 48.07100, 11.36820            http://www.leitl.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE

[demime 1.01d removed an attachment of type application/pgp-signature which had a name of signature.asc]

More information about the cypherpunks-legacy mailing list