Not only are there multiple agendas at play, given that hardware needs one thing, operating systems something else, app developers something different again. On top of that we have multiple platforms to think about, besides the fact that technology is changing fast: new apps are coming out on different platforms on a daily basis and we’re rapidly moving towards a location-aware world where everything around us is coming to life not just in front of our eyes, but on our devices too.
So what to do or can be done?
Making use of location datatouches upon delicate privacy issues, since it enables verifying someone‘s location without the person's consent. Strict ethics and security measures are strongly recommended for services that employ positioning, and the user should be giving an informed, explicit consent to a service provider before positioning data from the user's mobile phone can be computed.
In Europe, where most countries have a constitutional guarantee on the secrecy of correspondence, location data obtained from mobile phone networks is usually given the same protection as communication itself. The United States, however, has no explicit constitutional guarantee on the privacy of telecommunications, so use of location data is limited by law. In Germany, even obviously criminal intent may not be inferred by such means, although technically possible. Officially, only authorities (like the police) can obtain permission to position phones in emergency cases, in contrast to the current U.S laws that allow tracking suspects – even access a mobile phone's internal microphone to eavesdrop on local conversations while the phone is switched off. By the way, this is a technology that China proposed to use to track commuting patterns of Beijing city residents.
One implication of LBS is that data about a subscriber's location and historical movements should be owned and controlled by the network operators, including mobile carriers and mobile content providers. Beside the solution of a legal framework several technical approaches to protect privacy exist, using privacy-enhancing technologies (PETs), such as basic on/off switches to sophisticated anonymization techniques, which are e.g. offered by Google Latitude. Another set of techniques included in the PETs are the location obfuscation techniques, which slightly alter the location of the users in order to hide their real location while still being able to represent their position and receive services from their LBS provider.
Fact is that smartphone devices tend to go with their owners wherever they are and increasingly becoming a payment device, too. But why should smartphone users make use of a trackable black box that makes them feel uncomfortable due to security and location-tracking issues inherent in such transactions? To give the development of the mobile payment industry a push forward, we definitely have to find a good answer to the question.
Debates sparked last year after monitoring software installed on millions of smartphones had been discovered. In the US the proposal was triggered that carriers and phone makers must inform consumers about the presence of monitoring software and gain their "express consent" before collecting and transmitting information from phones. Although all manufacturers say that this software is used only as a diagnostics tool to improve network and service performance, congressmen started denouncing the use of it and class-action lawsuits were filed, followed by a draft legislation that would require disclosure of monitoring software when a consumer buys a mobile phone. This legislation would in addition prevent manufacturers from collecting and transmitting information unless consumer consent is obtained, and would outline security policies companies would have to follow when receiving personal information from smartphones.
A combination of appropriate technology, education and an opt-in processes, making sure that companies get explicit consent from users in order to share their location data, is probably the best solution. On top it can’t hurt to reconsider what level of privacy is actually needed and desired by users, don’t you think?
By Daniela La Marca