Resources
Identity Use Cases & Scenarios.- FIDIS Deliverables.
- Identity of Identity.
- Interoperability.
- Profiling.
- Forensic Implications.
- HighTechID.
- Privacy and legal-social content.
- Mobility and Identity.
- D11.1: Mobility and Identity.
- D11.2: Mobility and LBS.
- D11.3: Economic aspects of mobility and identity.
- D11.4: Workshop on Mobility and Identity.
- D11.5: The legal framework for location-based services in Europe.
- D11.12: Mobile Marketing in the Perspective of Identity, Privacy and Transparency.
- Other.
- IDIS Journal.
- FIDIS Interactive.
- Press & Events.
- In-House Journal.
- Booklets
- Identity in a Networked World.
- Identity R/Evolution.
D11.6: Survey on Mobile Identity
The deliverable in hand provides the results of an explorative survey on the
control model for identity related data in location-based services (LBS)
presented in FIDIS deliverable D11.2.
The survey was performed to explore the influence of LBS characteristics (pull
vs. push based, indirect vs. direct profile creation) on the perceived amount of
control participants have about the disclosure of their identity.
Four scenarios, each reflected a different aspect of the control model, have been
designed and tested.
| The legal framework for LBS in Europe |
 |
Table of Contents
1 Executive Summary
Mobile communications and services are among the most rapidly expanding fields of today’s technology. Wireless systems and unique identification of communication devices, combined with location data, enable providers to deliver Location Based Services (LBS). These services can vary from weather forecasts on mobile phones to automatic route planning. LBS will soon become an integral part of daily life.
An important factor for developing and operating LBS is the legal framework. This should serve at least two purposes: the development of LBS should be fostered by legal certainty for providers and consumers, and the privacy of citizens, consumers, and employees should be adequately protected now that people’s movements can be monitored pervasively and accurately. With this in mind, this report aims at answering the following question:
Which legal data-protection framework applies when providers of location-based services (LBS), public authorities and private parties like employers process location data generated in positioning systems?
In order to answer this question, this report describes technologies facilitating positioning of people, such as mobile communications, GPS, RFID, and WiFi. It describes the European legal data-protection framework for Location Based Services and provides an overview of LBS provisioning in relation to the national legal frameworks in Belgium, France, Germany, and the Netherlands. These country chapters also give examples of existing LBS applications, illustrating that problems with legal certainty in different legal regimes are far from theoretical.
The most relevant element in the legal framework for LBS is the data-protection regime for location data. Depending on the kind of data and circumstances, location data can be personal data and/or telecommunications traffic data. The European legal regime for these data can be found in three European Directives, on Data Protection, Privacy and Electronic Communications, and Data Retention.
The legal framework for processing location data generated in positioning systems is very complex indeed. Given the wide variety of positioning systems based on diverging technologies, and the three Directives that use partly overlapping definitions of personal data, traffic data, and location data, it is a Herculean task to determine which legal provisions apply when LBS providers, public authorities and private parties process location data.
Apart from the vast complexity of the legal framework, problems are also caused by unclear definitions and unresolved legal questions. Major open questions are whether ‘standby’ location data qualify as traffic data, which LBS systems are ‘publicly available’ electronic communications systems, whether sensor-based (RFID, WiFi) and chip-card-based systems involve electronic communications, and how consent should be given in the context of location systems. As a result, the legal certainty offered by the European legal framework is poor. The same holds for the national legal frameworks studied in this report, where similar problems occur. It is therefore recommendable that at the European level, the legal framework for processing location data be clarified and simplified.
Moreover, it is questionable whether the legal frameworks provide adequate privacy protection in the context of positioning systems. They allow much scope for public and private parties to infringe the privacy of citizens and employees through monitoring their movements. The increasing pervasiveness and accuracy of positioning devices, the recent requirements for traffic data retention, and the rise of non-public localisation systems lead to an enhanced privacy risk that may have to off-set by new checks and balances.
In conclusion, the development of positioning systems and location-based services may offer great opportunities for Europe, provided that the legal framework is improved. A reassessment and clarification of the European legal framework for processing location data is urgently needed, both to adequately protect citizens’ privacy and to foster the development of location-based services in Europe.
2 Introduction
   |
|
| 1 / 47 |
