A resident of Maassluis registered the Mac addresses of 54,000 smartphones and passed them on to an opt-out register. The action of the “Robin 2.4Ghz Hood” keeps all these phone owners out of the municipality’s Wi-Fi tracking.
The promotion is intended to protect the privacy of the residents of Maassluis. The man behind the initiative, Jerry Hopper, also exposed a privacy leak in the neighborhood app Nextdoor in 2019.
Hopper’s current action is against the municipality’s plan to count visits to the center by April 2021 by registering the unique ID codes of WiFi transmitters (MAC addresses). Anyone who does not want that, says Maassluis, should switch off the Wi-Fi antenna of his phone. According to the technical blogger, that is the other way around, because European privacy rules are opt-in. Don’t opt out.
For a few weeks now, the resident of the city has therefore been measuring the MAC addresses of cars that pass his house. “Knowing that I am also violating the privacy law with this plan, I feel like a kind of Robin Hood in the shadowy realm of data collectors. As far as possible, I have tried to use the same techniques. There is even an opt-out. We anonymize the mac address “on the sensor” by hashing it 2x, and “cutting off” part of the hash. ”
The purpose of the action: “If the hash does not exist, we will send the MAC over a secure connection to the MOA opt-out register.” That register called Wifi Me Niet is the place where people can extract the address of their phone, tablet and computer from the measurement. That is a private initiative.
The more than fifty thousand mac addresses collected by Hopper are more than the thirty thousand inhabitants of his city, he explains on his blog.
“Another question is: how long will it remain technically possible to send unlimited mac addresses to the opt-out register. I am also very curious about how the mac addresses sent by this project are handled if they notice that they have been added via an automated process. Would they be removed? ”
The municipality of Maassluis is not alone in measuring visits to its city center by counting Wi-Fi antennas. Enschede is doing the same. For that, however, the municipality was fined six hundred thousand euros on Wednesday. Research by the Dutch Data Protection Authority showed that the privacy of citizens was not properly guaranteed. They could be tracked without it being necessary.
In Enschede, it was technical politician Dave Borghuis who put the city on fire with his Wi-Fi move.
Municipalities cannot be surprised by the popular slap on the fingers. The Dutch Data Protection Authority already warned shops and municipalities in June 2016 that they must have a legal basis for tracking citizens.
Enschede does not agree with the decision and says it will object to the decision.