I get and agree with your last two answers, but if that's the case, why has this kind of thing started popping up on a commercial scale? They certainly would have more to answer for, legally, if privacy laws were violated.
And just because an app like that may violate privacy rights, I mean, you still see things like Firesheep, packet sniffing, network surveillance tools, all published with the caveat to just use for "testing".
It seems to me that the laws are somewhat murky, as evidenced by this article, and I would be surprised if there was any law in the US against me keeping track of MACs that came into the range of my router. With your argument I couldn't set up a surveillance camera outside my house either.
> I get and agree with your last two answers, but if that's the case, why has this kind of thing started popping up on a commercial scale?
It's one thing to monitor MACs flying around a network, it's quite another to defend the monitoring in a court of law or use the results in a legal action.
In the U.S., for a member of law enforcement to search a person, a house, or monitor someone's communications, he must have reasonable cause to suspect that a crime is being or has been committed by that person. Absent "reasonable cause", the law can't monitor our communications. And as I type this, I realize these ideas are probably out of date, inconsistent with current events and rulings.
> It seems to me that the laws are somewhat murky ...
Not really, they're just not enforced until someone complains that his rights have been violated. But it's also true that privacy is being eroded in a major way right now, and the law hasn't really kept up -- there are laws on the books that, once tested in court, will probably be cast out. If that's the sense in which you mean "murky," then you're right.
> I mean, you still see things like Firesheep, packet sniffing, network surveillance tools, all published with the caveat to just use for "testing".
Strictly speaking, there's no problem until and unless it's a third party that's being monitored -- that person can complain that his right to privacy has been violated, even if no use is made of the monitored communications.
The burglar's phone's MAC address in your router's nicely timestamped log would be evidence, I would think, albeit less iron-clad than surveillance video of him taking your stuff. It would serve to bolster the prosecution's case, should the police manage to find the perp though other means. E.g., the thief might have been found fencing your Vermeer. He might claim to have acquired it innocently from someone. In that case, the jury would find your log interesting as they weigh the evidence.
An interesting question is whether the MAC address alone could be used to trace the perp. The first 24 bits of the 48-bit MAC address identify the company that manufactured the adapter. Then the question would be, did the company that put the adapter into the phone cross-reference its MAC with the phone's serial number and the serial number with the owner.
A smart thief would turn his phone off during a job. Routers logging MAC addresses are probably a much less serious problem than cell carriers keeping logs of which phones were where when.
No, they're unique. Each manufacturer is given a block of MAC addresses, and they assign them like serial numbers to each NIC they build. Each cell phone, WiFi access point, and normal NIC, has a unique MAC. If this were not the case, if two devices had the same MAC, the risk of a network collision would exist, and manufacturers, aware of this risk and the damage it would do to their reputation, act to prevent it in their own interest.
And just because an app like that may violate privacy rights, I mean, you still see things like Firesheep, packet sniffing, network surveillance tools, all published with the caveat to just use for "testing".
It seems to me that the laws are somewhat murky, as evidenced by this article, and I would be surprised if there was any law in the US against me keeping track of MACs that came into the range of my router. With your argument I couldn't set up a surveillance camera outside my house either.