Resources
- Identity Use Cases & Scenarios.
- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- Privacy and legal-social content.
- Mobility and Identity.
- D11.1: Mobility and Identity.
- D11.2: Mobility and LBS.
- D11.3: Economic aspects of mobility and identity.
- D11.4: Workshop on Mobility and Identity.
- D11.5: The legal framework for location-based services in Europe.
- D11.12: Mobile Marketing in the Perspective of Identity, Privacy and Transparency.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D11.6: Survey on Mobile Identity
The deliverable in hand provides the results of an explorative survey on the
control model for identity related data in location-based services (LBS)
presented in FIDIS deliverable D11.2.
The survey was performed to explore the influence of LBS characteristics (pull
vs. push based, indirect vs. direct profile creation) on the perceived amount of
control participants have about the disclosure of their identity.
Four scenarios, each reflected a different aspect of the control model, have been
designed and tested.
Conclusion
The actual legal framework applying to location based processing is based on two different norms, the Code of the Posts and Electronic Communications and the Data Protection Act. Specific issues have been raised in the field of Location Based Services when they allow the subscriber to localise the device used by a third party. The Courts and the CNIL should make the balance between the different interests at stake, on a case-by-case basis, but few decisions have been made so far regarding this topic, which makes it difficult to draw conclusions on future trends or positions of both authorities.
Both the CNIL and the Court have measured the risk of the processing of location data which do not only affect the right to have a private life but rather the freedom of movement in an anonymous way. In some cases, other factors interfere, such as education issues in the case of the processing of minors’ data. Therefore, such processing appears to be highly sensitive and is considered as legitimate only when the purpose cannot be achieved by any other means less intrusive. As a consequence, consent is a necessary but not a sufficient condition to the processing.
Regarding the processing for national security purposes, the Data Protection Act poses some limits through the issuing of the opinion of the CNIL which, despite not being binding, remains influential. However, the State remains free not to follow the opinion of the CNIL which is not binding. When the processing is foreseen by a law, the Constitutional Council can operate a control of validity but it remains abstract. Moreover, this institution is willing to validate processing of personal data whenever they consider their justification is in the security of individuals. For instance, the approval of the Act for the fight against terrorism has shown that the Opinion of the CNIL was not always followed and some provisions of the law relative to the systems of surveillance considered harmful by the CNIL have not been modified, such as the automatic taking of photographs of vehicle passengers at certain roads. The Constitutional Council has validated these same provisions.
7 Location Information from a German Perspective
Maren Raguse (ICPP)
33 / 47 |