Interview on location trackersGoogle and Apple „are hoping to avoid being banned“

AirTags can be super useful. But in women’s shelters they’re deadly. Topics such as stalking are a new thing for the standards organization IETF. But this is what was needed when discussing a standard for location trackers. Mallory Knodel says the IETF should be proud of itself to be expanding its mandate.

Person holding AirTag in one and phone in other hand. Phone shows some map with location indicator.
Location Trackers are often small and can easily be hidden in a bag. – Gemeinfrei-ähnlich freigegeben durch Đức Trịnh

The German version of the interview is available here.

Mallory Knodel is the Chief Technology Officer of the Center for Democracy & Technology and co-chair of the Human Rights Protocol Considerations Research Group of the Internet Research Task Force. She is involved in the development of a standard for location trackers, which was recently announced by Google and Apple.

The idea of the new standard is to make it possible to recognize trackers such as Apple’s AirTags with devices by other companies. We spoke to Knodel about the different interests surrounding the topic of location trackers and whether the new standard will actually benefit stalking victims. About a year ago, Google and Apple announced an initiative to create an industry standard for location tracking services and recently announced it’s being implemented. Whose idea was it to create this new standard?

Mallory Knodel sitzt auf einem Podium
Mallory Knodel says she’s in the camp of “these devices should be banned.” - Alle Rechte vorbehalten privat

Mallory Knodel: Google and Apple had committed to working together on an approach that would be device agnostic. While they had their own separate products and their own separate operating systems, they need to leverage all the Bluetooth devices more largely. So they were working together and they had already started drafting a specification. This is similar to when they came together to work on Bluetooth tracking during the Covid 19 pandemic.

And they were open to input, especially from victims or most affected parties. Google and Apple were hosting and listening to feedback from different advocacy organizations and groups.

The reason to do it at the IETF was because a standards body allows for consensus building across the industry, not just these two companies. And the second purpose is because the IETF is totally open. All of its mailing lists are published online. All its meetings are recorded. Its minutes are official. The participation in those meetings is tracked. Intentionally, because there are requirements for intellectual property disclosures. That transparency would allow for some of the advocacy that the group’s most affected were performing to be also on the record. And then there was a specific working group for this?

Mallory Knodel: Yes, it’s called the Detecting Unwanted Location Trackers Working Group. And that’s an IETF working group. What was your role in this working group and how did that come to be?

Mallory Knodel: I attend the meetings and I follow the issue for CDT. CDT had weighed in on the effort before Apple and Google took this to the IETF. CDT was really pushing for work to happen in the IETF because we understood the value the to the two outcomes I mentioned before.

Still, a standard isn’t a foregone conclusion. You can’t just take something to the IETF and expect it to be standardized. It is a whole process. So Nick Doty and I introduced the idea that Apple and Google take their white paper to the IETF to see if the work they had already done on what they thought this specification would look like would be of interest to people in the IETF. IETF folks suggested that they host a meeting and talk about whether this should be a standards track document at the IETF. These meetings are called “birds of a feather” (BoF) sessions.

The goal is to determine whether to charter, and what should be the charter of the working group: its tasks, and what it is going to be standardized. The charter is approved by the relevant area director, in this case the security area. Incidentally, the security area director that approved this is now the IETF chair and so this has had a lot of attention. Once the charter is approved the work can begin on the document itself and potentially other documents, too. Based on the charter, there was some room in the charter that other things might come up besides just this very specific document on the Apple/Google scheme to detect location trackers.

“The entire effort assumes that victims’ needs should be considered” What was this extra room in the charter for? The human rights issues with regard to the location trackers?

Mallory Knodel: The extra space that was created had to do with the protocol itself. The paper that Google and Apple wanted to do was specifically and only focused on the detection of their own trackers.

So some security minded folks said: we can’t just deal with this narrow slice of detecting trackers when they’re unwanted. We might actually have to define some specifications for the way that these trackers work at all. Apple and Google didn’t totally agree but they did open the door just like a tiny bit to allow for that kind of specification.

The human rights issues were actually already present because groups like CDT, the National Network to End Domestic Violence and the Electronic Frontier Foundation had been vocal about their views on the specification. The entire effort assumes that victims’ needs should be considered and threats mitigated. So how did they get included?

Mallory Knodel: There were lots of reports in the media of people using location trackers to stalk. It’s a terrible thing. So clearly Apple and Google have to do something. After all these reports a lot of people said: don’t sell these trackers, just don’t have them. The human rights cost is too high for a product like this.

At this point there was no regulation of them. So the goal is for them to get ahead of this and to come up with their own solution. These trackers are now ubiquitous and there are lots of companies selling them. And the technical solution is to use this network of anything Bluetooth connected to identify other things that are Bluetooth connected to give signals to the Bluetooth items that have a screen. And that screen can then say to the user: there’s a device that’s been near you for a while.

“You could subscribe right now and effectively be working in the working group” Why did Apple and Google work together?

Mallory Knodel: They’re doing it for technical reasons. They’re also doing it for PR reasons. Because as an industry, they’re hoping to avoid being banned.

And so they take this idea to the IETF. And end user advocacy groups are going into the IETF along with them. The IETF has virtually no experience with dealing with groups like this. We have the Human Rights Protocol Considerations Research Group (HRPC), but it’s usually treated as like a side show. This case is an example that really helped demonstrate the need for experts within the community to understand not just the technology, but also the human rights angle.

There was a third element, too. For us, as the human rights people in the IETF to get to talk about why this is important to funders, other industry players and especially NGOs. They know about the IETF, but they don’t know what they would do there if they spent time advocating on the design of standards. And so that was a moment for us to bring in more organizations to participate in the IETF because there are now issues that need their attention. Anyone who wants to can join such a working group?

Mallory Knodel: Exactly. The mailing lists are totally open. You could subscribe right now and effectively be working in the working group. Is representation an issue then?

Mallory Knodel: The IETF does to some degree track participation, but lightly, without violating participants’ privacy. This is an ongoing goal of my long term work in the IETF: to get more diverse participation in the IETF. I suspect that the IETF suffers from its white male North Americanness to the degree that it does, because often they’re not dealing with issues that are of interest to anyone else in the world.

So it is a self-perpetuating cycle: we’ve had participation from people from India or sub-Saharan Africa in the past, but then they go away often because their work isn’t taken up.

“The entire conversation was replicated in the IETF” Coming back to the tracker standard: were there any controversies within the working group?

Mallory Knodel: A lot of the debate in the BoFs focused on whether or not this work should happen. It was interesting to me that we had mostly engineers who usually worry just about the network and now they were talking about whether these trackers’s use cases are good or bad.

It was the same debate that happens in the mainstream news: they’re good for tracking property versus these are bad because they’re being used to track humans and we should focus on that over the property use case. You had folks saying “Okay, we’ll talk about people. How about people with dementia? Or children that need to be tracked by their caregivers?” The entire conversation that happens in the mainstream was replicated in the IETF. What was the outcome?

Mallory Knodel: The outcome is harm reduction. People understood that we weren’t going to be able to solve the fact that these location trackers are on shelves everywhere, and the IETF has an opportunity to make them less harmful. Do you think that’s a good outcome?

Mallory Knodel: I do. I’m in the camp of “these devices should be banned.” But that’s not a problem that I can solve. It’s wonderful that the IETF has recognized it has a role to play in this kind of harm reduction. So I think it should be proud of itself for slightly expanding its mandate. Dipping into a realm of a technical-social issue, I think is really good for the community.

“And it works. It is useful.” Do you think the standard and its implementation will actually prevent stalking? Let’s say someone I know puts something secretly into my pocket without telling me – a pretty common situation in an abusive relationship. Would my phone tell me about this?

Mallory Knodel: I think that the company Apple’s already implemented this, Google has implemented some version of it. What they’re trying to do with this is to force everyone to have to do it. And it works. It is useful. I mean, even in the IETF meeting in Prague in November last year, I got into an elevator and immediately got a notification that someone else’s Bluetooth earphones were in the elevator with me. So it does work. This is what victims have been asking for. The National Network to End Domestic Violence has been asking them to do this, and they answered that request.

This potentially makes their products less competitive. The problem was other products have been saying: ”We’re not going to alert thieves that your property’s been stolen. We’re going to be the version of this product that’s better for people who want to track their property.”

I think Apple and Google are hoping that this would be regulated so that all companies have to do this. Coming back to the perspective of potential victims and a situation where I’m around a specific tracker for a longer period of time. If I have a tracker intentionally on my keyring I don’t want to be alerted all the time. One the other hand if my abusive partner puts a tracker into my pocket and I’m around this partner already all the time: would I still then be alerted?

Mallory Knodel: There’s a way to turn them off. So you wouldn’t get alerted for things that are yours. On the other hand, I could use my headphones to track you. I just need to put something that has this tracking capability. Like with operating-system family accounts, I can see where my family’s devices are because we’ve turned that on. And in a domestic violence situation, there’s a lot more opportunity to mess with those settings. I could pair my headphones with your phone because I have access to your phone and my headphones are in the house all the time. And then when I want to know where you’re going, I could put my headphones in your bag.

This is only tracking things that your interface device – the one that tells you there’s a problem – does not know this other device. It just knows that there’s something out there that’s pinging it with with Bluetooth. And that’s when it tells you there’s this unknown thing that’s been around for a while.

“The IETF standards are all voluntary” Will it be an obligation for anyone who produces these Bluetooth devices to use the standard or is it voluntary?

Mallory Knodel: The IETF standards are all voluntary. Nobody forces anybody to use them. Companies could definitely just not implement this. One hope is that a regulator might force it for consumer protection reasons. If a competitor wanted to produce a tracker specifically for stalking: that would still be possible?

Mallory Knodel: Absolutely. Is the tracker detection going to work for operating systems other than Google or Apple as well?

Mallory Knodel: Hopefully. There have even been suggestions to create products that would just be for detecting trackers that wouldn’t be a phone. Imagine if you walk into a domestic violence shelter and they would hand you a device that’s not a phone. And maybe that device, if you hold on to it for a few hours and there’s a device tracker, then it would tell you that you have one somewhere. Those also are going to be possible with this standard. Does this have privacy implications, too?

Mallory Knodel: People are concerned that if you can detect the trackers that you can detect things about those trackers that might be privacy violating. When I got into the elevator in Prague, it actually told me “Mark’s iPods are nearby” and so I now know that this person’s name is Mark, and he’s carrying with him a particular brand of expensive head phones. That gives you an idea of how this could go wrong. So you need some privacy protections.

The way the protocol is designed is meant to only give the detecting device aggregated data and not specific data. So in the future what I experienced in the elevator may change. It might just say “someone else’s headphones are nearby ”. And that’s still useful. In another case maybe you want the network to tell people your name or phone number to help retrieve your lost property. It’s a balance. In developing this specification, we have to balance all these different use cases and all these different negative outcomes because we’re trying to achieve different things.

Deine Spende für digitale Freiheitsrechte

Wir berichten über aktuelle netzpolitische Entwicklungen, decken Skandale auf und stoßen Debatten an. Dabei sind wir vollkommen unabhängig. Denn unser Kampf für digitale Freiheitsrechte finanziert sich zu fast 100 Prozent aus den Spenden unserer Leser:innen.

0 Ergänzungen

Wir freuen uns auf Deine Anmerkungen, Fragen, Korrekturen und inhaltlichen Ergänzungen zum Artikel. Bitte keine reinen Meinungsbeiträge! Unsere Regeln zur Veröffentlichung von Ergänzungen findest Du unter Deine E-Mail-Adresse wird nicht veröffentlicht.