Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- Privacy and legal-social content.
- Mobility and Identity.
- D11.1: Mobility and Identity.
- D11.2: Mobility and LBS.
- D11.3: Economic aspects of mobility and identity.
- D11.4: Workshop on Mobility and Identity.
- D11.5: The legal framework for location-based services in Europe.
- D11.12: Mobile Marketing in the Perspective of Identity, Privacy and Transparency.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D11.6: Survey on Mobile Identity
The deliverable in hand provides the results of an explorative survey on the
control model for identity related data in location-based services (LBS)
presented in FIDIS deliverable D11.2.
The survey was performed to explore the influence of LBS characteristics (pull
vs. push based, indirect vs. direct profile creation) on the perceived amount of
control participants have about the disclosure of their identity.
Four scenarios, each reflected a different aspect of the control model, have been
designed and tested.
Introduction
Location data refer to all data which indicate the geographical position of an individual at a defined moment. The processing of location data must, as should all processing of personal data, comply with the provisions of the Data Protection Act. Such data can be obtained through different means, for instance via a smart card used to access a service or when making a phone call via a mobile phone. In this last case, the location of an individual can be obtained through the processing of traffic data, i.e. from the data processed for the transport of communication into an electronic communication network or for the billing thereof, or location data, which means any data processed in an electronic communications network indicating the geographical position of a final user’s terminal equipment when he uses a public electronic communications service. The latter may involve information on the latitude, longitude and altitude of the place where the device is situated, the direction of movement, the degree of precision of location data and the identification of the network cell where the terminal device is situated at a given moment.
The spread of Location Based Services provided through public electronic communications networks has raised a series of data protection concerns. Location Based Services represent an emerging market in Belgium since the introduction in 2003 of information services based on the location of the user, with better commercial expectations than the traditional telephony services. The services offered extend from the provision of information upon request relative to services close to the user’s location (pharmacies, restaurants, etc.) to the localisation of a mobile phone (employees, children, friends, senior citizens, etc.). The last category of services is known as Passive Location Based Services. They are defined as those services where a mobile phone user, once he has enabled the service, consents to be located by another person, when that other person initiates a location request from another mobile phone or from a PC. Very popular are the so-called Child Location Services that allow the parents to track their children. These services could harm not only the right to privacy of the user, a right constitutionally protected in Belgium, but also his right of movement in an anonymous way, as long as they enable the subscribers to know where the user is at any moment.
Specific provisions have been introduced by the Act of 13 June 2005 relative to electronic communications (hereafter Electronic Communications Act) that complements the general rules provided by the Data Protection Act. However, the rapid evolution of these services has already motivated two law proposals with the purpose of adjusting the provisions of the Electronic Communications Act to these specific situations and in particular for the regulation of employee monitoring.
Several aspects should be taken into account in order to present the legislation applying to this kind of processing. The general obligations related to personal data processing as they stand in the Data Protection Act will be discussed and complemented, when appropriate, by the specific provisions of the Electronic Communications Act (section ). In several cases, specific legislation should also be taken into account. Regarding the processing of location data by public authorities, an experiment carried out in Flanders on traffic management will be discussed and the provisions applying to processing for law enforcement purposes will be outlined (section ). The specific case of employee monitoring and localisation of a third party’s mobile phone will be described (section ), while the research conducted under the auspices of the Institute for BroadBand Technology (IBBT) in Flanders will also be presented (section ).
21 / 47 |