this post was submitted on 14 Nov 2024
16 points (94.4% liked)

Privacy

31975 readers
671 users here now

A place to discuss privacy and freedom in the digital world.

Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.

In this community everyone is welcome to post links and discuss topics related to privacy.

Some Rules

Related communities

Chat rooms

much thanks to @gary_host_laptop for the logo design :)

founded 5 years ago
MODERATORS
 

Border Protection (CBP) released its long overdue Privacy Impact Assessment (PIA) on Commercial Telemetry Data. CBP defines Commercial Telemetry Data (CTD) as historic location data collected from mobile devices by tracking their advertising ID’s (adIDs).

Importantly, CTD can encompass more than just historic location data from smartphones. For example, ICE has been accessing car telemetry data from OnStar, a security system installed in millions of vehicles worldwide. In fact, most car companies sell your data. Arguably, CBP should have a much broader view of what constitutes telemetry data. The Berlin Group, an international working group on data protection, has defined telemetry data more broadly as “data that is collected and transmitted by a device or application on a more or less continual basis. Telemetry data usually consists of information on operational behavior or environmental parameters but may also include elements like location information.” Any connected device can create telemetry data—and where it is created, it is also sold.

Thus, CBP’s PIA has an extremely narrow view of what constitutes CTD—which is no surprise. CBP’s PIA on CTD is extremely vague, years too late, and is a complete failure to comply with federal privacy regulations. PIAs are statutorily required by the E-Government Act prior to implementation of any information technology that has privacy implications. But there is a pattern of DHS and its components doing PIAs after implementing the technology and nonchalantly violating our civil liberties. This PIA is the latest example.

top 1 comments
sorted by: hot top controversial new old
[–] [email protected] 2 points 20 hours ago* (last edited 20 hours ago)

I know you’re just using the original title, but consider changing it to this and saving some neurons for the next readers:

CBP’s “Privacy Impact Assessment on commercial telemetry data” highlight urgent need for PIA reform