By Carol Ansley, Cox Communications, Inc.; Tushar Sharma, Cox Communications, Inc.
When Wi-Fi TM was first developed over twenty-five years ago, no one expected that it would become the dominant method of connecting consumer mobile devices into the larger network wherever people went. The past 10 years have seen Wi-Fi connected mobile devices go from a business convenience to a personal and professional necessity. More recently consumers using Wi-Fi mobile devices have become aware that their privacy was being impacted by these ubiquitous devices. A person could be tracked by the mobile devices they carried as they worked, shopped, and traveled. The privacy concerns associated with Wi-Fi have been written about in many papers. Information exposed in Wi-Fi headers and unencrypted control frames have been highlighted as providing a window for third parties to monitor and track users through their mobile devices. IEEE 802.11TM first addressed these concerns with IEEE Std 802.11aqTM that recommended various steps such as randomizing a mobile device’s MAC address to obfuscate the user’s identity. The consumer electronics industry has enthusiastically adopted this recommendation which ended up having ripple effects in other areas. We discuss possible mechanisms to reduce the effect of randomized MAC address that are being considered by the Random and Changing MAC Address Operation Task Group in IEEE 802.11. We will discuss ongoing work in 802.11 including proposed protocol changes that are being considered within IEEE 802.11 such as the work being done by the Enhanced Data Privacy Task Group in IEEE 802.11. The task group is developing new tools to reduce the ability of a third party observer to identify and track Wi-Fi mobile devices, and the users associated with them. We also provide some references in the Bibliography and References section for further reading on similar efforts in the 3GPP Standards. Such references are not exhaustive but suggested literature.