Of smart phones and geo-privacy

During the past few years, the proliferation of smart phones has been meteoritic. All the big players in the industry realized the fact that they had to join the bandwagon and put on the market their own versions of the iconic iPhone. Companies like Google, Samsung, HTC and RiM all realised that the future is literally in our hands. This revolution not only affected the big players but also created a whole new industry of developers offering applications and software that is somehow directly loaded on your phone or speaks to the data contained on your phone. The latest stir in this revolution is the ability to use software to map out the geographical locations of where I have been: location data.
Just last week both Apple and Google were questioned in front of the US senate relating to the use of location data in mobile devices produced by these two companies. These developments were the direct result of recent revelations that iPhones running on iOS 4 were storing data which could be read by certain third party software and produce a detailed map of where the user had been. Apple has strongly denied any accusations that it was logging any information on users but admitted that it did keep some unencrypted data relating to the wi-fi hotspots and cellular towers surrounding the user and which could well be many miles away.
Analysts have also pointed out to the fact that whist these devices do not give any visual indication that this location data is being stored it appears that the terms of use of Apple included the fact that the company may collect location data in order to understand customer behaviour and improve its products or services. Contemporaneously, Apple has also updated its operating software in order to fix these issues and which could lead to location data being stored on the mobile phones for up to a year by reducing the amount of data stored as well as giving the ability to its users to switch off location services altogether. The latest software update, which also affects 3G iPads, also removed the possibility of transferring this data to your iTunes when the phone is connected to your computer.
On the other hand, during its submissions in front of the US Senate, Google stated that it had policies and mechanisms in place to request the consent of Google Android phone users in order to allow Google's location service to collect purely anonymous data.
It is important to stress that the software which enables a user to track his movements and overlay the location data contained in the iPhone was developed by third parties who have nothing to do with Apple. This however has attracted the attention of law enforcement officials and might assist them in certain situations where they will need to build up the movements of suspects within a specified period of time even though that this will not be that useful locally considering the tricky topography of Malta irrespective of its size.
The possibility for third party software developers to create apps for smart phones has created a reality whereby users should not only be concerned about data which is being processed by the phone manufacturers but also how data that is being fed back to these third-party application providers is used. Should this reality trigger a revision of our present laws relating to privacy and location data?
The processing of location data is regulated in Malta by means of Subsidiary Legislation 440.01 concerning the processing of personal data in the electronic communications sector. Regulation 7 of SL440.01 specifically states that where location data other than traffic data, relating to users or subscribers of public communications networks or of publicly available electronic communications services can be processed, such data may only be processed when it is made anonymous, or with the consent of the users or subscribers to the extent and for the duration necessary for the provision of a value added service. The regulation also enters in depth on the information that needs to be provided to users such as the type of location data being process, the purpose and duration of the processing, and whether such data will be transmitted to other third parties for the purpose of providing value added services. The law continues further and adds that the users should be able to withdraw their consent for the processing of location data at any time.
It seems therefore that we are somehow legally covered but technology always creates doubts with its uncanny ability to re-invent itself and go where no law has ever gone before.
These latest developments in geo-privacy could very well serve in instigated the United States to finally come at par with the privacy legislation which is available in Europe. The US has always been slower in introduction of data protection laws and it is still uncertain whether these recent developments relation to location data privacy will serve as an impetus for the enactment of three online privacy bills which have been introduced in the US. The present review of the Data Protection legislative frameworks as arising from Directive 95/46 EC will undoubtedly delve in the challenges posed by the advances in location technology and its effects on our right to privacy. In the meantime, some of us might consider switching off their location data services, just to be extra-safe.