Separate from the issues surrounding enforcing declared policy, putting
metadata into identifiers seems like a bad practice.
True. And it is also a very ineffective way to get privacy. If you want to not
be tracked, you should at a minimum randomize the SSID, and probably the Wi-Fi
MAC address as well. Of course, that's a bit inconvenient today, because the
user is in the loop, and has to agree to connect to the SSID, and enter the
security key. But it can in theory be solved. For example, if the SSID encrypts
something like "MyRealSSID+someRandomNumber" with a known key, the modified
WiFi client could automatically decrypt it. Needs work, but seems more robust
than relying on the good will of strangers.
-- Christian Huitema