WG Review: Detecting Unwanted Location Trackers (dult)
The IESG <iesg-secretary@ietf.org> Fri, 16 February 2024 14:26 UTC
Return-Path: <iesg-secretary@ietf.org>
X-Original-To: ietf-announce@ietf.org
Delivered-To: ietf-announce@ietfa.amsl.com
Received: from ietfa.amsl.com (localhost [IPv6:::1]) by ietfa.amsl.com (Postfix) with ESMTP id CBB81C157938; Fri, 16 Feb 2024 06:26:28 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
From: The IESG <iesg-secretary@ietf.org>
To: IETF-Announce <ietf-announce@ietf.org>
Subject: WG Review: Detecting Unwanted Location Trackers (dult)
X-Test-IDTracker: no
X-IETF-IDTracker: 12.5.0
Auto-Submitted: auto-generated
Precedence: bulk
Cc: unwanted-trackers@ietf.org
Reply-To: iesg@ietf.org
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: 8bit
Message-ID: <170809358880.22958.10298694642849567022@ietfa.amsl.com>
Date: Fri, 16 Feb 2024 06:26:28 -0800
Archived-At: <https://mailarchive.ietf.org/arch/msg/ietf-announce/BWs7AqymJ8H1IpMJ9x3Mj0o-ntw>
X-BeenThere: ietf-announce@ietf.org
X-Mailman-Version: 2.1.39
List-Id: "IETF announcement list. No discussions." <ietf-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ietf-announce/>
List-Post: <mailto:ietf-announce@ietf.org>
List-Help: <mailto:ietf-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ietf-announce>, <mailto:ietf-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 16 Feb 2024 14:26:28 -0000
A new IETF WG has been proposed in the Security Area. The IESG has not made any determination yet. The following draft charter was submitted, and is provided for informational purposes only. Please send your comments to the IESG mailing list (iesg@ietf.org) by 2024-02-26. Detecting Unwanted Location Trackers (dult) ----------------------------------------------------------------------- Current status: BOF WG Chairs: Sean Turner <sean+ietf@sn3rd.com> Assigned Area Director: Roman Danyliw <rdd@cert.org> Security Area Directors: Roman Danyliw <rdd@cert.org> Paul Wouters <paul.wouters@aiven.io> Mailing list: Address: unwanted-trackers@ietf.org To subscribe: https://www.ietf.org/mailman/listinfo/unwanted-trackers Archive: https://mailarchive.ietf.org/arch/browse/unwanted-trackers/ Group page: https://datatracker.ietf.org/group/dult/ Charter: https://datatracker.ietf.org/doc/charter-ietf-dult/ ## Background Location-tracking accessories provide numerous benefits to users (e.g., such as being able to find where they left their keys), but can also have security and privacy implications if used for malicious purposes. These accessories can be misused to track another person’s location without their knowledge. Three major subsystems of an accessory tracking system, i) crowd-sourcing network, ii) unwanted tracker detection, and iii) alerting, providing information about the accessory, and enabling the non-owner to find it, have interfaces are relevant to unwanted tracking. These interfaces include: enrolling in the network, broadcasting an accessory’s presence, non-owner interface for querying information from the accessory, performing non-owner actions such as play sound, querying assets and disablement instructions, querying limited owner information, disabling the accessory, and detection and exclusion of nonconformant accessories. To address this threat of unwanted tracking, accessory manufacturers have developed independent solutions for protecting users from unwanted tracking. However, this requires users to know about the threat of unwanted tracking, download multiple apps, and constantly be checking for the threat of unwanted tracking. In order to build a scalable solution for detecting unwanted tracking, trackers require a consistent protocol and set of behaviors that will enable protection from unwanted tracking using any tracker. ## Goals The goal of the DULT WG is to standardize an application protocol for information exchange between location-tracking accessories and nearby devices, along with actions that these accessories and devices should take once unwanted tracking is detected. This protocol is intended to protect people against being unknowingly tracked. The intent of this WG is to make it easier for arbitrary devices to detect unwanted tracking by these accessories. The protocols and interactions between devices may be limited to certain states or modes, such as the accessory being separated from a paired/owner device. The working group will define privacy and security properties of its solution, including privacy and security protections for accessory owners when accessories are used appropriately, and evaluate the tradeoffs. The mechanisms specified by the WG will be designed to not create new vectors for user tracking. The WG's specified mechanisms and protocol design will be guided by an intent to: * Minimize hardware changes needed in tracking accessories to implement this protocol; and * Not preclude adoption by manufacturers of larger devices whose primary purpose is not location tracking, but have location tracking capabilities (e.g., headphones, bicycle, smartphone) ## Program of Work The WG is expected to: 1. Document the current state of the tracker accessory platforms and how these technologies work (with informational document(s)) 2. Develop a standards-track protocol ("DULT protocol") between tracking accessories and nearby devices, which will: * Specify requirements and a baseline algorithm for determination of unwanted tracking * Specify complete message formats for accessories to advertise their presence to nearby devices, for one or more underlying transports (e.g., Bluetooth, Near Field Communication, etc.) * Allow nearby devices to trigger behavior on an unwanted tracking accessory to aid in determining its physical location * Allow nearby devices to fetch additional information about a tracker accessory, including such things as tracker image asset(s) and physical disablement instructions * Define privacy and security requirements for all messages used for advertisement, interactions with crowdsourcing networks, and owners of accessories 3. Develop standards-track guidance that accessory manufacturers can implement to deter malicious use of tracking accessories and support the implementation of the WG-specified protocol. * Include physical security considerations, such as user impact when device has been physically modified to diminish detectability and/or findability * Include considerations for protecting people that don't have a device capable of running a platform-based unwanted tracking detection system 4. Develop standards-track guidance for non-owner device platforms necessary to support implementation of the DULT protocol. The standards-track guidance described above will include mechanisms to ensure that devices that do not correctly implement or adhere to the DULT protocol can be detected and excluded from being trackable via crowdsourced location networks. These mechanisms will include considerations for addressing legacy trackers that cannot update to the DULT protocol. The WG will work with gender-based violence experts throughout development of the protocol. Additionally, before publishing the protocol the WG will: * Carry out a threat analysis and security analysis * Gather implementation experience The WG will not define requirements for interactions between accessory manufacturers and law enforcement. The focus of the WG will be on solving the use case of detecting small and not easily-discoverable accessories, supporting any functionality that is necessary for identifying and recognizing such accessories. Since most of the existing tracking accessories use Bluetooth, the DULT WG will coordinate as needed with the Bluetooth SIG and IETF 6lo WG. ### Milestones * By July 2025 submit an informational document about the state of tracker accessory platforms and how they work for publication * By July 2025 submit a standards document defining the protocol to detect and interact with unwanted tracker accessories for publication Milestones: Jul 2025 - Submit an informational document about the state of tracker accessory platforms and how they work for publication Jul 2025 - Submit a standards document defining the protocol to detect and interact with unwanted tracker accessories for publication