On Jul 13, 2016, at 9:07 AM, Adrian Gropper <agropper@healthurl.com> wrote:
https://www.buzzfeed.com/josephbernstein/heres-all-the-data-pokemon-go-is-co...
Here’s the link without the tracking cruft: https://www.buzzfeed.com/josephbernstein/heres-all-the-data-pokemon-go-is-co...
This may well have been a case of accidental social engineering but it makes the point that multiple random authorization servers will not scale.
Meaning authorization servers by big companies acting on persons’ behalf. In this case Nintendo (Pokemon Go parent) and Google.
If Pokemon wants access to my Google stuff, they need to ask my authorization server and not the one Google helpfully gave to me.
Meaning one you operate personally. Does one exist? Do we have an example or a prototype among all our developments here? (I’m so snowed under looking at all of it that I confess to being a bit lost—in a good way.)
Is there any other alternative? How could Google's ever play both sides as both game developer and privacy protector?
That’s the right question. The answer has to come from our sovereign personal whatever (authorization server is a good term, but it needs to be distinguished from the same operated by giant companies playing both sides). And the Castle Doctrine needs to apply. <http://bit.ly/3stldoc> or <http://j.mp/cstl3> Doc
Adrian
--
Adrian Gropper MD
PROTECT YOUR FUTURE - RESTORE Health Privacy! HELP us fight for the right to control personal health data. DONATE: http://patientprivacyrights.org/donate-2/