TfL is going to track all London Underground users using Wi-Fi

kevin_roche

Member
Joined
26 Feb 2019
Messages
446
Last edited:
Sponsor Post - registered members do not see these adverts; click here to register, or click here to log in
R

RailUK Forums

kevin_roche

Member
Joined
26 Feb 2019
Messages
446
Probably because TfL is generally seen to be trusted (and an organisation that has little to gain from "nefarious" use of the data), and because if you don't like it you can simply turn off your wifi.
I have no problem with the organisation knowing where I am but people always forget that your data can still get into the wrong hands. For example if you had a stalker who used it to follow you it might be of more concern.
 

MikeWh

Established Member
Associate Staff
Senior Fares Advisor
Joined
15 Jun 2010
Messages
6,114
Location
Crayford
The data will be immediately anonymised. There will be no way to assign a device to a person. They are purely interested in tracking trends of people using the network.
 

Surreytraveller

Established Member
Joined
21 Oct 2009
Messages
1,580
The data will be immediately anonymised. There will be no way to assign a device to a person. They are purely interested in tracking trends of people using the network.
Surely they can use Oystercards and contactless to track trends?
Or perhaps using WiFi to track people as well they can tell if people are using more expensive routes to complete their journeys than the Oyster system charges for?
 

jellybaby

Member
Joined
27 Dec 2012
Messages
329
Surely they can use Oystercards and contactless to track trends?
Or perhaps using WiFi to track people as well they can tell if people are using more expensive routes to complete their journeys than the Oyster system charges for?
Oyster or contactless tells TfL a passenger entered at Liverpool Street and exited at Victoria. It doesn't reveal if they took the Circle line or the Central+Victoria or another route.
 

MikeWh

Established Member
Associate Staff
Senior Fares Advisor
Joined
15 Jun 2010
Messages
6,114
Location
Crayford
Or perhaps using WiFi to track people as well they can tell if people are using more expensive routes to complete their journeys than the Oyster system charges for?
As the wi-fi data is anonymised they won't be able to match it to a specific Oyster card or CPC. TfL involved the Information Commisioner in the early stages of designing the system precisely to avoid any concerns later on.
 

Surreytraveller

Established Member
Joined
21 Oct 2009
Messages
1,580
As the wi-fi data is anonymised they won't be able to match it to a specific Oyster card or CPC. TfL involved the Information Commisioner in the early stages of designing the system precisely to avoid any concerns later on.
Yes, I know. But they will probably track trends to see if people tend to use the routes they expect them to use. Is WiFi free on the Underground?
 

NSEFAN

Established Member
Joined
17 Jun 2007
Messages
3,319
Location
Southampton
Yes, I know. But they will probably track trends to see if people tend to use the routes they expect them to use. Is WiFi free on the Underground?
For the purposes of tracking where a device is, you don't have to connect to the WiFi. The access points can register that a device is nearby every time it scans for WiFi networks.
 

codek

Member
Joined
11 Oct 2018
Messages
14
They did this a year ago and advertised it heavily.

They even published the results. They did find people using weird routes. In response they concluded it was an education issue and the plan was better signage.

They did also spot clever people taking seemingly longer routes that avoid congestion!
 

WideRanger

Member
Joined
15 Jun 2016
Messages
173
IKEA do the same for visitors in their stores (to monitor how people navigate the shop). I'm sure it must be pretty common.
 

jellybaby

Member
Joined
27 Dec 2012
Messages
329
As the wi-fi data is anonymised they won't be able to match it to a specific Oyster card or CPC.
Unless you enter or exit at Roding valley...

I suspect that given enough data you could match WiFi MAC address tokens with Oyster/contactless data. If you were to look at all times my card was used across the network in a year and then looked at MAC address tokens seen at the same times I wouldn't expect many matches. Tokens that change everyday would prevent that but there may be other ways of joining the data up although maybe TfL want to know how routine travellers behaviour is different to occasional visitors?

It would be nice if TfL provided details of their 'irreversible, one way pseudonymisation process'. It feels like something there should be an open industry standard for which can then get some proper scrutiny.
 

kevin_roche

Member
Joined
26 Feb 2019
Messages
446
It would be nice if TfL provided details of their 'irreversible, one way pseudonymisation process'. It feels like something there should be an open industry standard for which can then get some proper scrutiny.
There are several standard ways to do this. SHA-1 or SHA-256 for example are well known one way processes. Unfortunately they are not completely unbreakable since they could be broken with rainbow tables. The use of the Salt helps as long as nobody knows what it is.
 

frediculous

Member
Joined
23 May 2017
Messages
70
Don't forget most smartphones utilise MAC address tumbling so the displayed address will change every day, if not more.

Lots of places do this: airports and shopping centres to name two.
 

Ken H

Established Member
Joined
11 Nov 2018
Messages
2,143
Location
in Greece on holiday
The data will be immediately anonymised. There will be no way to assign a device to a person. They are purely interested in tracking trends of people using the network.
there is a technique know as 'jigsawing' This is where you take several databases from different sources and try and make matches to build up a profile of a person.
So even if you only have a small amount of data about a phone, you may well be able to join it to another database...
 

jellybaby

Member
Joined
27 Dec 2012
Messages
329
Don't forget most smartphones utilise MAC address tumbling so the displayed address will change every day, if not more.
Apparently they only do that when sending out probes, not when joined to a network.

https://tfl.gov.uk/corporate/privacy-and-cookies/wi-fi-data-collection?cid=wifi-data-collection

How we process it and how to prevent processing
Un-authenticated devices
If your device has not signed up to use the free Wi-Fi provided on the London Underground network, it's an 'un-authenticated device'.

When your device sends a probing request, it will contain a MAC address. Most modern devices send out a randomly generated MAC address to prevent unknown routers identifying the device.

We will not process un-authenticated devices for the purposes described below. We will remove un-authenticated devices from the data that we will be analysing as soon as possible after receipt.

Preventing processing
If you would like to stop your device from sending out probing requests, you can turn off Wi-Fi on your device, turn your device off or put the device into airplane mode while at our stations.

Authenticated devices
If the device has been signed up for free Wi-Fi on the London Underground network, the device will disclose its genuine MAC address. This is known as an authenticated device.

The following processing only relates to authenticated devices.

We process authenticated device MAC address connections (along with the date and time the device authenticated with the Wi-Fi network and the location of each router the device connected to). This helps us to better understand how customers move through and between stations - we look at how long it took for a device to travel between stations, the routes the device took and waiting times at busy periods.

We do not collect any other data generated by your device. This includes web browsing data and data from website cookies.
 

rebmcr

Established Member
Joined
15 Nov 2011
Messages
3,126
Location
Cambridge
There are several standard ways to do this. SHA-1 or SHA-256 for example are well known one way processes. Unfortunately they are not completely unbreakable since they could be broken with rainbow tables. The use of the Salt helps as long as nobody knows what it is.
Encryption is nothing to do with anonymisation.

Unless two MAC addresses collide to the same hash (which by design of hashing algorithms is vanishingly unlikely) the record of an individual's movements are effectively unchanged, no matter whether the person tracking them is seeing the bare MAC address, or the 1:1 associated hash. Salting will similarly have zero impact on this, unless it causes the aforementioned practically-impossible collision.
 

kevin_roche

Member
Joined
26 Feb 2019
Messages
446
Encryption is nothing to do with anonymisation.

Unless two MAC addresses collide to the same hash (which by design of hashing algorithms is vanishingly unlikely) the record of an individual's movements are effectively unchanged, no matter whether the person tracking them is seeing the bare MAC address, or the 1:1 associated hash. Salting will similarly have zero impact on this, unless it causes the aforementioned practically-impossible collision.
You are correct. There is no need to know someones MAC address the hash would work equally well.
 

thejuggler

Member
Joined
8 Jan 2016
Messages
835
If I was a regular user knowing how busy each service is is useful. If the service arriving is rammed, but the next one 2 minutes behind is half empty I would know to wait.

As a visitor knowing which route to take based on typical loadings (not on what I think is the most direct route) at the time I am travelling would also be useful.
 

Mojo

Forum Staff
Staff Member
Administrator
Joined
7 Aug 2005
Messages
17,750
Location
0035
If I was a regular user knowing how busy each service is is useful. If the service arriving is rammed, but the next one 2 minutes behind is half empty I would know to wait.
London Underground already has this information on the automated lines, and it comes from a more reliable source than Wifi, but I’m not sure it’s included in the information given out publicly on their APIs. You could always ask a friendly member of staff if they have an iPad.
 

Top