I’m a privacy advocate. I believe that unless I explicitly make the decision to share my information, my name, my age, my income level, my shoe size, my likes, my dislikes, my fears, hopes, fantasies, or any other information, you have no right to go behind my back to collect it. Moreover, I believe that if you are a company that sells or offers products or services that collect this sort of information, you need to make it plain and obvious to the consumer that they are giving up that information, and how you intend to use it. Essentially when I buy your product or use your service (free or not) we are entering into an arrangement of our own accord. You need to be up front with me about what you are getting from me in return for what I’m getting from you, because once I give you that information, I can never take it back. Therefore if you aren’t up front and clear, I can never get my payment refunded and I consider that a dubious business practice at best.
But what are we supposed to do with our local, state and federal governments when they get in on the privacy invasion act? We are usually told that the collection is just anonymous data, or its used only to identify potential threats, etc. We are supposed to believe that the government is good and that they would never infringe on our rights. How many times have you heard “If you aren’t doing anything wrong, you have nothing to hide?” I’ve done hours of radio on this topic so I don’t want to beat it to death, but what are we supposed to do when government and private corporations share data and complete the loop of invasion? Do any of us as consumers really know how far down the rabbit hole things go?
I recently read an article in Forbes about NYC using the toll tags to track peoples travels when they weren’t on tollways, which I and many others view as a gross violation of privacy. I’ve known that this was done in the Houston area as well for a while, as is probably the case in many municipalities across the country. I have, as a result, consciously avoided placing a toll tag on my car and opted to pay cash when possible, or avoid toll ways all together. What I’ve found out today though, has me infuriated because there may be no way to avoid what is now occurring. You see it came to my attention today that in Houston, the Transtar traffic system is not just using toll tag information to create its “traffic reporting”, but its also using bluetooth MAC addresses to create this information. What are bluetooth MAC addresses? They are very specific and unique numbers assigned to every single networking device, that have unique characters that identify the manufacturer, all the way down to the production level, and ultimately the actual device. These are in your computer (on the network cards), they are in your cell phones, basically anything that is used to transmit any type of data has one as this unique number is integral to modern data networking, which is to say, every modern convenience you enjoy, from Hulu, to this website, to the Bluetooth earpiece you use to talk on your phone, OR the Bluetooth connection you use while in your car requires a unique MAC address, which is ultimately traceable right back to you.
Now Transtar says that “The MAC addresses read by AWAM are not directly associated with a specific user and do not contain any personal data or information that could be used to identify or “track” an individual’s whereabouts.” Which is technically true in the sense that the MAC address in and of itself doesn’t contain this info, but it could easily be reconciled with databases provided by private companies, that could be used to track you, in fact it would be a great way to find y0u. Consider that your cell carrier damn well knows what MAC addresses are in your cell phone. With this government grid, it would take very little to get that information, and use it to see exactly where you are should you be traveling around the city. Of course they could easily tap into your phones GPS or triangulate you with the cell towers too. So why don’t you just turn off the phone? “In addition, all addresses collected by AWAM are anonymized through encryption immediately upon receipt.” If there is no threat, why are you encrypting them or telling us you are encrypting them? The only reason to encrypt them is if they are being stored. If you are using them to determine speed, it would be enough to just read the MAC address between the reading meters and retain no addresses. You would only bother with the overhead of encryption (which has to occur at the storage level) if the addresses are being retained. You’ve read that right. Your travel patters are being data based, which can then be used in predictive analysis. “Users who have privacy concerns are also able to turn off the Bluetooth discovery function of their device which prevents it from being read by AWAM at all.” Do you know how to turn your car’s Bluetooth off? Hell, I’m not even sure how to turn Bluetooth off on my car (See this posting about other users who have difficulty or are unable to turn off Bluetooth on their cars).
My point is that we as private citizens, and consumers should be educated about what we are purchasing and about technologies that our government is using and about any partnerships between companies or government to share information. If you cannot make a conscious choice to be included in a surveillance dragnet like this then they shouldn’t be using it at all. Granted there are some great uses of technology, but I as a private person, who is innocent until proven guilty, should be able to be completely invisible to my government. Anyone remember in The Constitution where the governments have a right to know where I’m traveling, who I’m talking to, or what I think? I don’t. Quit violating my privacy. If this technology were being used by an ex boyfriend on his former girlfriend, he’d likely be arrested for stalking. Why does the government think it should be able to do what a creepy ex boyfriend cant?