Kein Folientitel - PowerPoint PPT Presentation

About This Presentation
Title:

Kein Folientitel

Description:

Mobile Web Privacy Lukas Gundermann Independent Centre for Privacy Protection Schleswig-Holstein ld2_at_datenschutzzentrum.de – PowerPoint PPT presentation

Number of Views:75
Avg rating:3.0/5.0
Slides: 14
Provided by: LD26
Learn more at: https://www.w3.org
Category:

less

Transcript and Presenter's Notes

Title: Kein Folientitel


1
Mobile Web Privacy Lukas Gundermann Independent
Centre for Privacy Protection Schleswig-Holstein l
d2_at_datenschutzzentrum.de
2
Basic Notions
  • Self determination with regard to personal data
    The right to control who gets which personal
    information at which opportunity
  • Personal data (data relating to a person) Any
    information concerning the personal or material
    circumstances of an identified or identifiable
    individual (the data subject).
  • Data protection Not protection of data but
    protection of people against unauthorised use of
    personal data ( privacy)
  • Data security means of data protection

Mobile Web Privacy - 2 / 13
Independent Centre for Privacy Protection
Schleswig-Holstein
3
Location Data as Classic Traffic Data in
Telecommunication
  • Traffic data Information about the circumstances
    of a telecommunication process
  • E.g. Who called whom at which time?

Mobile Web Privacy - 3 / 13
Independent Centre for Privacy Protection
Schleswig-Holstein
4
Location Data as Classic Traffic Data in
Telecommunication
  • Consequences There is already the danger of
    creating a profile of the movement of the user
  • Due to the size of the cells it is only rough

X
  • Store the location information about the active
    telecommunication processes(Legal competence?)
  • Dont store the mere stand-by signal

Mobile Web Privacy - 4 / 13
Independent Centre for Privacy Protection
Schleswig-Holstein
5
Additional Personal Data on the Internet
  • With the internet (especially the www) new
    information emerge
  • Traffic data contains additional information
    regarding the services customers use
  • Without encryption that information can be easily
    tapped on the way through the net
  • More important It can be collected at the web
    server, a user profile can be created(especially
    with banner ad companies)

Mobile Web Privacy - 5 / 13
Independent Centre for Privacy Protection
Schleswig-Holstein
6
Bringing it all together The Mobile Web
  • For the intended services the location
    information must be much more precise
  • Tracking users movements is part of the service,
    this can include creating a profile
  • The services will be offered by third parties -
    There will be a greater number of recipients of
    data
  • Conclusion A greater volume of more precise
    location data will be spread to a larger number
    of persons and organisations

Mobile Web Privacy - 6 / 13
Independent Centre for Privacy Protection
Schleswig-Holstein
7
Solutions Consent of the Users 1
  • Absolutely crucial Users have to give their
    clear and unambiguous consent
  • It must be an informed consent, meaning that
    users have to be well informed about
  • which data will be collected,
  • for what purpose they will be used
  • when they will be deleted etc
  • Problem Is there a gradation of consent?

Mobile Web Privacy - 7 / 13
Independent Centre for Privacy Protection
Schleswig-Holstein
8
Solutions Consent of the Users 2
  • Gradation of consent Allowing some services to
    receive location data, others not
  • Data processing is limited to the consented
    purposes for different purposes a new consent
    would be necessary
  • A special consent is necessary for transfer of
    data to third parties
  • Users must have access to their own personal data
    and profile

Mobile Web Privacy - 8 / 13
Independent Centre for Privacy Protection
Schleswig-Holstein
9
Solutions Consent of the Users 3
  • Important Having the possibility to withdraw the
    consent at any time for the whole service or
    only for parts of it
  • An appropriate legal framework is necessary but
    not sufficient.
  • There also have to exist technical means for this
    kind of consent-management

Mobile Web Privacy - 9 / 13
Independent Centre for Privacy Protection
Schleswig-Holstein
10
Solutions Anonymity / Pseudonymity
  • For delivering the service it is not always
    necessary to know the users identity
  • What is necessary is to link a profile to always
    the same user
  • There are also more or less pseudonymous or
    anonymous techniques of payment available
  • Pseudonymous profiling would also be permitted
    according to the German law (Teleservices Data
    Protecion Act)

Mobile Web Privacy - 10 / 13
Independent Centre for Privacy Protection
Schleswig-Holstein
11
Legal Framework 1
  • European law The 1997 directive (97/66/EG) on
    protection of telecommunication data covers
    location data as subspecies of traffic data
  • Processing of this kind of data is only permitted
    if necessary for the service itself or for
    billing purposes
  • A proposal for a new directive makes it even
    clearer It has special provision for location
    data
  • According to that provision location data can
    only be processed if made anonymous or with the
    users consent.
  • There is one exception that needs to be discussed

Mobile Web Privacy - 11 / 13
Independent Centre for Privacy Protection
Schleswig-Holstein
12
Legal Framework 2
  • German law The 1996 Telecommunication Act (TKG)
    covers location data as traffic data in
    telecommunication
  • Processing is only permitted if necessary for the
    service or for billing purposes and some purposes
    that are closely connected
  • The 1997 Teleservices Data Protection Act covers
    the processing of personal data by ISPs
  • It applies also on the web based services that
    work with location data.
  • The provisions are alike the ones of the TKG, but
    in addition the Act allows pseudonymous
    profiling.

Mobile Web Privacy - 12 / 13
Independent Centre for Privacy Protection
Schleswig-Holstein
13
Conclusions
  • There are first steps towards a legal framework
    for mobile web applications in Europe ,
    nevertheless there is still some work to be done
  • Most important at the time being is to develop
    mobile devices that give users control over their
    location data
  • It is necessary not to have only a general option
    but to be able to give a graduated consent and
    withdraw it at any time
  • Besides, technical means should be developed,
    that serve the principle of minimisation of data
    and allow the anonymous provison of mobile web
    services.

Mobile Web Privacy - 13 / 13
Independent Centre for Privacy Protection
Schleswig-Holstein
Write a Comment
User Comments (0)
About PowerShow.com