(article linked from m/Android)

  • @B16_BR0TH3R
    link
    11 year ago

    Please explain how the data collection I described would be a breach of privacy in Europe or anywhere else. What rule or statute would it not be compliant with?

    • ciferecaNinjoOP
      link
      fedilink
      1
      edit-2
      1 year ago

      First of all, the answer to that wouldn’t matter because the article is about privacy protection not law enforcement. But to answer the question, collecting personal info about people without their express consent in Europe violates the #GDPR.

      The GDPR makes some exceptions for cases where info can be collected on people nonconsentually (e.g. public health systems, law enforcement, scientific research), but your scenario does not match any legal exception. At best, you would have to make your activity part of a scientfiic study. And you wouldn’t get away with simply claiming it’s for science. You would have to make a convincing case that the study is for signficant public benefit.

      • @B16_BR0TH3R
        link
        11 year ago

        No, SSIDs are obviously public (since you’re transmitting them to outside your own house) and would come under the GDPR provisions for collecting publically available information. You may need to inform me that you’ve collected my data, but that’s all.

        • ciferecaNinjoOP
          link
          fedilink
          1
          edit-2
          1 year ago

          There is no GDPR provision for collecting publicly available information that is personal w.r.t. individuals. You can only collect public info if it cannot be tied to an individual. For example, if a car is illegally parked and you photograph it and post it online, you must blur the license plate. It doesn’t matter that the image was in the public.

          But again, this whole subthread is a #redHerring because the article is for those who actually intend to keep their sensitive info out of public view, not the others for whome the topic is irrelevant.

          • @B16_BR0TH3R
            link
            11 year ago

            Call it a red herring if you like, I’m just curious to see your rationale for claiming that others can’t legally collect the information that I’ve willingly broadcasted to all and sundry. I can’t say that I understand the rationale yet. I agree with your last example that I would need to obscure the license plate if I published a picture of your car on a public street, but the example doesn’t seem to cover the actual case. A better example might be that you were shouting your license plate number out to a crowded street. Would I then be prevented from writing down (collecting) the number that you were shouting?

            • ciferecaNinjoOP
              link
              fedilink
              1
              edit-2
              1 year ago

              A better example might be that you were shouting your license plate number out to a crowded street. Would I then be prevented from writing down (collecting) the number that you were shouting?

              How would you comply with article 13? Would you walk over to me and give me your contact details as required by ¶1(a), the purpose of your collection ¶1©, the length of time you will keep the data ¶2.(a), and also informing me of my right to erasure ¶2©?

              What if I shouted my plate number from a moving car & you were only able to write it down before I was gone? How are you going to comply with article 13? Are you going to get in a faster car & chase me down to shout back all that information about you as a data controller?

              Also, which article 6¶1 rationale do you think makes your collection lawful?

              Google & Apple may or may not have the contact details of those whose WiFi data they collect but I certainly have never received an article 13 compliant notice from Google or Apple (neither of whom I have contracts with).