[OSM-talk] relating trace points to gpx files

Immanuel Scholz immanuel.scholz at gmx.de
Wed Jul 12 21:56:20 BST 2006


Hi,

> Someone a few days ago suggested that logs which showed someone
> exceeding the speed limit might be self incriminating. Leaving aside the
> sheer improbability of the traffic police being a) able to and
> b)motivated to trawl raw submitted tracklogs, and match them up to
> actual sections of road with known speed limits, and then given the fact
> that the usernames are anonymous, and can only be tied down to real
> email addreses (and thus people) by compromising the central server
> system - even then, GPX tracklogs are XML files, which are trivially
> editable, and so could not be admitted as evidence in any reasonable
> court of law (for instance, computer records are not admissable as
> evidence in an English court of law unless certified by a responsible
> person as an authoritative record, of say, failure to pay Council Tax)

What is every CEO doing first, if he looks on any promising application
for a sys-admin?

Right. He enter the applicant's name into Google.


So guess where a CEO hiring drivers for transport companies is searching
with.. ;-)


People who have to select other people out of many are always happy
about even fuzzy and unreliable data. It doesn't matter, as long as most
of the data is accountable and correct. Police doing dragnet
investigation, insurance agents evaluating their clients, airport
controller choosing whether you may use the automatic check-in or not..
All are interested in evaluable data. It does not matter whether the
data is 100% accurate or whether it can be faked by single individuals.

And if you have the email as connection, you can associate the GPX data
with other data already collected. This is what many people doing all
the day.


> I am a big advocate of personal privacy but given that the data has been
> anonymised by self selected nicknames, I don't see a problem. And I'm
> perfectly happy to continue uploading publicly viewable tracks,
> providing at least that my real email address isn't public.

Beware, that anonymity is not the same as pseudonymity. Using an
unimposing email still makes you only pseudonym, which is much easier to
break than real anonymity. I have seen data warehouse and crm tools that
are already able to attach pseudonym data based on statistics with a
quite good result.

As example, anonym would be if you use an fresh, random email for every
GPX file ;)


Ciao, Imi.

PS: There is another aspect on this issue: If anyone except me made
their identity public, then I am not able to enforce my wish of privacy
anymore. 

So people who reveal their identity because they don't care about
privacy make it harder or impossible for the remaining who care to keep
anonym.






More information about the talk mailing list