Here's the link to his posting: Liking One Social Wi-Fi Cases Study and Disliking Another
Check out Lee's comments at the roundtable here
Lee, what a great write-up! I think you nailed the counter-point perspective perfectly, and I am happy to read, and respond to, what your concerns are.
I'll start with this:
The information, in the case study that we are using, that is gathered from the profile is not stored for more than the user session in the environment. Why? Because of the "Christmas Music" factor. If I retain your info and hang onto it, what happens when you're listening to Christmas music in December and you return to the AP in July? I don't care about your previous musical taste because it's not relevant. Relevancy is the whole key to this thing. Sure, there is data that can be collected and used to draw conclusions (top 10 music lists, top 40 artists of the year, etc.) but that data doesn't have to be tied to any personal data whatsoever.
The key here, again, is to deliver relevancy to the end-user by using the most current and up to the minute information possible. Music, food, experience, etc. all play into that, but only for the life of the session. Transient data my friend .. definitely saves on "big data" storage costs as well :)
Second, the opt-out list.
http://www.smartstoreprivacy.org/). This gives you the ability to black-list or opt-out your MAC address from not only Wi-Fi tracking, but low power Bluetooth as well for future iBeacon stuff.
In addition to both of these points is MAC hashing, or user hashing. Sean Blanton from AirTight went over this a bit; in short the data collected is linked to a hashed ID when collected. This keeps you, you, and turns your data into another "thing".
In our examples, to address your bullet points:
- If I opt in, can I opt out? (The example here is a bar- what if I’m crocked when I opt in?)
- If I opt out, can I ask that anything to do with me personally be deleted?
Dependent upon the person who you granted access to and built the application, maybe! It's up to each individual developer.
- Can I expect that anything to do with me that was sold to others in exchange for “free” Wi-Fi be deleted from those other data stores as well?Again, dependent upon the person that you originally shared the data with.
- If it becomes common knowledge that my personal life preferences are manifesting through the establishment’s environmental reaction to my presence, how might a stalker or identify thief leverage that simply based on what they observe, even if they don’t know my name?Knowing your preferences in things like music or beer selection, while I guess could be part a bigger picture to stalk you, are probably some of the end-trails of the information a stalked would use to go after you. I mean, if I was stalking you, I'd dig through your trash first and stake-out your house .. just sayin :)
- What if “the algorithm” somehow gets it wrong, and turns me into someone I’m not based on what it reads in my profiles and shares that with the outside world through interactions with me at the establishment?
- What if the algorithm gets it wrong, and sells my flawed persona to other companies who now think I’m someone I’m not?Those two points are totally awesome. If you, like Sam mentioned at WFD7, game the data, there's no telling what will come up. However that's the outcome of trying to trick the system though, right? Garbage in, garbage out? :)
Like I said, overall I am stoked that you approached this, especially on your blog. It was a pleasure to hang out with you and I hope to keep this conversation going. This is definitely going to be one of those topics that is never answered satisfactorily to anyone's expectation, but it's great for conversation!