The Problem
Today's Wi-Fi technology broadcasts the unique MAC address of devices in plaintext. These addresses are globally unique and static. This allows for constant tracking of devices which have a Wi-Fi interface enabled. Given devices such as cell phones use Wi-Fi and are usually unique to a person, tracking a MAC address can be roughly equivalent to tracking an individual. Commercial tracking technologies already exist that take advantage of this fact. These technologies are commonly used in shopping centers and event centers for tracking of patrons. The data is often used to detect the occupancy of an area and to track foot traffic patterns. This data is also often sold to advertisers for personalized advertising, allowing companies to target you based on your offline behaviours. This tracking is not limited to expensive commercial systems either. Tracking can be easily done with inexpensive Wi-Fi devices, such as Raspberry-Pi Zero W's for ~$20 each. This poses many privacy concerns for Wi-Fi users, as anyone could setup a network of these devices with relative ease.