I just watched the video in which Yahoo! FireEagle was announced.
It's a geolocation broker, a user's geolocation is shared with FireEagle by any device or mechanism capapable of determining it (the 'Finders'), so that it can be subsequently shared with any other application (the 'Seekers') that may want it (user permissions allowing etc).
Do the potential privacy advantages of a broker model (i.e. single point of control, etc) outweigh the basic privacy principle of minimal disclosure? FireEagle does nothing with the user location data it receives from Finders other than control its subsequent release to Seekers. Isn't this the job & responsibility of the Finders?
It is an undeniably simpler proposition for the Finders to concern themselves only with the sharing of privacy-sensitive data with FireEagle rather than the multitude of Seekers that might ask for it. Just ask the user
'Do you consent to sharing your geodata with Yahoo!? You will need to talk to them directly to constrain what they do with it.'
and you are done.
But I don't think it's a given that the Finders' responsibility to the user for protecting their geo-privacy can be abdicated in this manner.
A key part of the Liberty Alliance Identity Governance Framework are policy mechanisms that would allow Finders to constrain the uses to which Seekers put the geodata (i.e. no direct marketing) they receive from FireEagle, even once shared with FireEagle.
Finder policy would persist through FireEagle.
Hoever they do it, I think they need something comparable. The Losers (of identity data) in this game will be Weepers.
No comments:
Post a Comment