Hardly lightweight reading, but the recent report by:
THE WORKING PARTY ON THE PROTECTION OF INDIVIDUALS WITH REGARD TO THE PROCESSING OF PERSONAL DATAstart with an introduction to location based services :
Geographical information plays an important role in our society. Almost all human activities and decisions have a geographical component. In general, the value of information increases when it is connected to a location. All kinds of information can be connected to a geographic location, such as financial data, health data and other consumer behavioural data. With the rapid technological development and wide uptake of smart mobile devices, a whole new category of location based services is developing.and ends with some interesting recommendations:
- Because location data from smart mobile devices reveal intimate details about the private life of their owner, the main applicable legitimate ground is prior informed consent.
- Consent cannot be obtained through general terms and conditions.
- Consent must be specific, for the different purposes that data are being processed for, including for example profiling and or behavioural targeting purposes from the controller. If the purposes of the processing change in a material way, the controller must seek renewed specific consent.
- By default, location services must be switched off. A possible opt-out mechanism does not constitute an adequate mechanism to obtain informed user consent.
Still not convinced that the average man on the Clapham Omnibus will ever achieve "informed consent" with the 80+ pages of Ts & Cs we get confronted with today...