Re: [STDS-802-Privacy] FW: [802SEC] Marriott agrees to $600k payment to resolve FCC investigation into Wi-Fi blocking

[Christian Huitema <huitema@xxxxxxxxxxxxx>]

Why would that be a privacy threat, by opposition to a basic denial of service?

 

The privacy threat would be something like “employees of … have used a feature of a Wi-Fi monitoring system to track the movement of customers as they visited each other room.”

 

Or, “employees have used a feature of a Wi-Fi monitoring system to check the MAC address of visiting guests smart phones and compare them to users identities through an online database…”

 

From: Zuniga, Juan Carlos [mailto:JuanCarlos.Zuniga@xxxxxxxxxxxxxxxx]
Sent: Friday, October 3, 2014 10:36 AM
To: STDS-802-PRIVACY@xxxxxxxxxxxxxxxxx
Subject: [STDS-802-Privacy] FW: [802SEC] Marriott agrees to $600k payment to resolve FCC investigation into Wi-Fi blocking

 

FYI, another misuse of long-lived identifiers. In this case, the Privacy Threat is the use of MAC addresses to impersonate users and send the wrong packets to the network:

 

“After conducting an investigation, the Enforcement Bureau found that employees of Marriott, which has managed the day-to-day operations of the Gaylord Opryland since 2012, had used features of a Wi-Fi monitoring system at the Gaylord Opryland to contain and/or de-authenticate guest-created Wi-Fi hotspot access points in the conference facilities.  In some cases, employees sent de-authentication packets to the targeted access points, which would dissociate consumers’ devices from their own Wi-Fi hotspot access points and, thus, disrupt consumers’ current Wi-Fi transmissions and prevent future transmissions”

 

Regards,

 

Juan Carlos

 

From: owner-stds-802-sec@xxxxxxxx [mailto:owner-stds-802-sec@xxxxxxxx] On Behalf Of John H Notor
Sent: Friday, October 03, 2014 12:09 PM
To: 802_EC; RR-TAG; REG_SC
Subject: [802SEC] Marriott agrees to $600k payment to resolve FCC investigation into Wi-Fi blocking

 

FYI,

 

MARRIOTT TO PAY $600,000 TO RESOLVE WIFI-BLOCKING INVESTIGATION.   Hotel Operator Admits Employees Improperly Used Wi-Fi Monitoring System to Block Mobile Hotspots; Agrees to Three-Year Compliance Plan.  News Release. Adopted:  10/03/2014. News Media Contact: Neil Grace at (202) 418-0506, email:Neil.Grace@xxxxxxx  EB  https://apps.fcc.gov/edocs_public/attachmatch/DOC-329743A1.docx

https://apps.fcc.gov/edocs_public/attachmatch/DOC-329743A1.pdf

 

John

 

John Notor
President/Chief Technologist
Notor Research

Mobile: 1.408.316.8312

Web: www.notor.com

---------- This email is sent from the 802 Executive Committee email reflector. This list is maintained by Listserv.