Ha.

Well right now a) we most likely have no idea where an ip address is and b) even if we do, it's nearest-city accuracy.... which is exactly what everyone else does.

Denying browser location doesn't stop the app or website from using your ip address against some third party service to figure out where you are.

>Denying browser location doesn't stop the app or website from using your ip address against some third party service to figure out where you are.

I didn't state that it does. However, just because you can do something doesn't mean you should. Did it ever occur to you that if someone explicitly tells their browser that they don't want to be located that you should respect that?

I hope you are never critical of Facebook's or Google's privacy standards, because there's a full-length mirror with your name on it.

I feel it’s a bit of a stretch to compare public information (what city does best guess say an IP is located in) and private information (where is my device right now).

The lookup against what IP is in what city is published in numerous public databases that anyone can look up against in small doses at no cost, or at scale commercially.

This service shines a light on that, doing away with illusions of privacy and showing you where you potentially have none.

Comparing to Google and Facebook feels disingenuous. You can’t lookup any person in their DB and see their records. It’s not public precisely because they’re hoarding what (in aggregate) is legitimately private data.

It’s still an illusion of privacy mind, as all the recent fuss finally coming about demonstrates.

The Google/Facebook comparison is made because those companies also deliberately ignore the user's privacy wishes.

Also, this isn't about locating someone to their city. According to the blog post, it returns latitude and longitude pairs.

Yes, these may not be precise in some circumstances, but as detailed in many recent HN posts, Google has many many ways to narrow that down to a very close approximation of where you actually are. And it's only going to get better at it over time.

Whatever location information is being presented is being displayed from a lookup from a publicly accessible database. It’s not a private DB that only one org has access to. This is the public library. The only cost of admission is putting in the effort to look. Google’s knowledge of you is private. It’s not comparable.

Should there be efforts to collect more information to make that public information more specific? Maybe. Can you actually delete already public information from the internet? Not really.

“Would you like to share what colour the sky is?”

You can choose not to. The webpage can still tell you. That information is public regardless whether you provide more specific information or not

"Can" vs. "should."

The bottom line is that the user specifically requests not to be located, and this is a way to do exactly the opposite of what the user wants.

Being technically capable of doing something is not an excuse for violating trust.

Here's a web page that may help you wrap your brain around the concept: https://en.wikipedia.org/wiki/Ethics

Every web request is like a letter with a to: and a from: address. Your anger is equivalent to being mad that someone looked at the from: address on an envelope when you told them not to.

Also, your argument is that because the user doesn't want it, it is unethical? I don't want to sit in traffic but that doesn't make traffic unethical.

Similarly, you accuse them of 'violating trust'. It's public knowledge that any IP address can be looked up. Just because you weren't aware of it doesn't mean your trust is violated. In the same way, just because you didn't know something was against the law doesn't make it not illegal.

I am for privacy, don't get my wrong, but your comments represent one of the biggest challenges with privacy right now: the assumptions of privacy and trust. It's hard to have rational and productive arguments about privacy when people get emotional about the inner workings of the system. If you don't agree with the system, work to change it, but don't blame others for what is, at the end of the day, just a feature of how it all works. Instead, try to understand the feature and think about how we can implement future systems with similar functionality but more privacy.

>Your anger is equivalent to being mad that someone looked at the from: address on an envelope when you told them not to.

No, it's the equivalent of asking a woman in a bar if you can call her and when she says "no," you look up her number in the phone book and call her anyway.

Except she’s not forced to wear her full name on display at the bar (unlike IP addressing) and is able to opt out of being in the phone book (unlike GeoIP . DBs).

I get what you’re saying and I see where you’re coming from, but to try and use this phone number analogy, it’s like telling someone what city/state they’re in based on their area code when they’ve opted to provide you no location information beyond their phone number.

The phone number itself contains location information. It’s not necessary accurate information as I could easily (and do) use a 212 number wherever I am I the USA, not just in New York.

Finally, we’ve had rulings about phone numbers and IP addresses. Phone numbers “belong” to the end user, not the operator, and move with the user if they want to. IP addresses “belong” to the carrier, and are non portable. In a number of cases, carriers actively provide city-level accuracy for where they’re using their IP space as it actively improves performance for end users.