Downloading a free mobile app, as I did, an attacker could easily track a specific badge and be notified when it goes out of or comes into range. With little technical skill, an attacker could use it to approach someone outside of the convention center (at a bar or restaurant or tourist attraction) and by employing social engineering techniques attempt to gain their trust. I myself was able to identify that there were over a dozen ISTE conference participants on my train platform on Wednesday morning bound for Chicago O’Hare. When one ISTE participant entered my train car at a later stop, that was trivial to identify. While there were no other ISTE participants on my flight back to the DC area, I located two badges in the baggage claim area (likely packed in someone’s luggage or carry-on).
Audrey Watters suggests that, “ISTE has helped here to normalize surveillance as part of the ed-tech experience. She suggests that it is only time that this results in abuse. Mike Crowley wonders why in a post-GDPR world attendees are not asked for consent? If this is the future, then maybe Levin’s ‘must-have’ guide will be an important read for everyone.