BBC News: Spy in your pocket

Richard Watts rrw at semiramis.org.uk
Fri, 1 Sep 2000 12:22:36 +0100 (BST) 

On Sunday 27 August 2000, Lucky Green
<shamrock@cypherpunks.to> wrote:

[snip]
>permission is obtained. Of course in some countries you don't need user
>permission. Not that there is much practical difference between the two.
>Sure, some countries require the user to agree with the location info being
>used. Which you have done the moment you click on the "Find nearest ATM"
>link for the first time. Or the "click here to allow us to increase the ways
>in which we can serve you", link for that matter.

 IANAL, but I'd argue that that didn't constitute consent - `find
 nearest ATM' might be sufficient to allow them to record your
 location one time only, on the grounds that you give them consent to
 do what's necessary to find your nearest ATM, but I doubt even
 that. `Click here to allow us ...' doesn't imply consent to anything
 other than what you might reasonably believe it does - certainly at
 the moment, I very much doubt that would be sufficient to establish
 consent to continuous location monitoring, and neither of those forms
 of consent involv consent to your selling the information to a third
 party.

 Of course, you can probably sell any information you've collected (if
 only by forcing the user to agree to this in their connection
 contract) without consent, and most companies will probably sell the
 information irrespective of whether they have consent or not, but
 that's life..

 I wonder if GCHQ will eventually begin offering the same service (I
wonder if they already are) ? After all, this is becoming their
business, to a great degree, and they don't have all those thorny
DPA problems that plague commercial organisations.

[snip]
>> Indeed, I predict that any serious attempt by advertisers to use the new
>> location technology would produce a backlash that sweeps away "opt out"
>> schemes for telephone services generally - leaving only permission-based
>> calls being allowed.

 I very much doubt that any amount of backlash will result in
permission-based calls. Once phones start being user-programmable, of
course, various hacks will result in it, but only for those who can
afford a user-programmable 'phone (and if the phone companies will let
you connect them - chances are it'll end up like modems: you're not 
technically allowed to, but everyone does).

[snip]
>> So why do the phone companies trot this out to explain why they are
>> developing position finding ??
>
>I don't know about the UK, but in many other countries the providers were
>required by law to install very expensive on-demand citizen-unit tracking
>capabilities. Naturally, the providers are planning to turn these hundreds
>of millions of dollars in sunk costs into a profit center.

 Ostensibly what were these laws attempting to do ? (I ask because 
terms like `A bill to allow indiscrimate surveillance of innocent
civillians' appear to be a recent innovation).

[snip]
>> >As a result, he said, the police could use this information to
>> >conduct covert surveillance of anyone using such a phone.
>>
>> The likely accuracy does not make it especially valuable surveillance in
>> built-up areas... (you won't know if the suspect went into the bank or
>> into the hairdressers) but I think it does suggest that it would be wise
>> to turn off the mobile before heading for the unofficial landing strip
>> in the Essex marshes :)

 What's the betting that sooner or later some(NSA)one will bully
'phone manufacturers into allowing the off switch to be remotely
reprogrammed over the air ? (do they indeed already allow this ?)

[snip]


Richard.