EU to tackle geo-tracking regulation
The EU's top advisers on data privacy are debating whether to classify
location information as 'personal data.' That would subject products
like smart phones to additional regulations.
In the wake of the recent Sony PlayStation data breach, and the
revelation that Apple's iPhone inadvertently tracks users' locations,
the European Union's top advisory group on privacy is set to issue an
opinion this month on regulatory overhaul.
Transparency in social networking data collection will be central to
the overhaul, according to Matthew Newman, a spokesman for EU justice
commissioner Viviane Reding.
The group - called the Article 29 Working Party - consists of data
protection commissioners from all EU member nations. Their
recommendations are nonbinding, but address regulations which haven't
been updated since 1995, Newman added.
Those regulations require companies get consent from users before
collecting data, and that they outline a specific purpose for doing so.
"Those are principles which have stood the test of time," Newman told
Deutsche Welle. "But what we're looking at now is how to incorporate
those new technologies like Facebook or other social networks so that
people are better informed of their rights."
 Viviane Reding's office says suggestions by the Article 29 Working Party carry weightThe
Wall Street Journal reported Friday that the commissioners are debating
whether geographic data such as that collected by the iPhone should be
classified as "personal data."
An unnamed EU official told the American newspaper that "geo-location
data has to be considered as personal data," and that "the rules on
personal data apply to them."
That could put an end to companies' geographic logging of users without consent and a clearly-stated purpose.
"Any personal data has to be protected," Newman said.
Late last month Apple denied charges it was following the movements of its users.
"Apple is not tracking the location of your iPhone," a company
statement said. "Apple has never done so and has no plans to ever do
so."
Later, the company changed its software to significantly shorten the duration of tracking data that the phone stores locally.
In the wake of the recent string of data privacy breaches from not
only Apple and Sony, and another from European GPS giant TomTom, various
EU states, including France, Germany, Italy, Ireland and the U.K. begun
investigations examining the use of geo-location data.
New data breach law
 TomTom CEO Harold Goddijn recently apologized for selling traffic data to Dutch policeA
change currently in the legislative pipeline is expected to "expand the
scope of obligatory data breach notifications," Newman said.
It would require companies like Sony - which recently lost data on
more than 100 million Playstation user accounts to hackers - to notify
customers. Such requirements have thus-far only applied to
telecommunication networks.
"We're looking into expanding that to other sectors such as the
financial sector - e-banks and e-commerce - but also to new platforms
like online game platforms," Newman said.
Regardless of the opinion made public later this month by the Article
29 Working Party, the EU's data privacy overhaul could take up to two
years to implement, according to Newman. Whether it will be a binding
"regulation," or a "directive" open to interpretation by member states
has yet to be decided.
"Users do not fully understand exactly what they're agreeing to,"
Newman said. "So websites need to be a lot clearer and use plain
language. This goes for social network sites, behavioral advertising,
and also photo sharing sites."
Author: Gerhard Schneibel
Editor: Cyrus Farivar
http://www.dw-world.de/dw/article/0,,15074560,00.html
| 
