Tuesday, 26 July 2011

A view from ARTICLE 29 Data Protection Working Party on location privacy

Hardly lightweight reading, but the recent report by:
start with an introduction to location based services :
Geographical information plays an important role in our society. Almost all human activities and decisions have a geographical component. In general, the value of information increases when it is connected to a location. All kinds of information can be connected to a geographic location, such as financial data, health data and other consumer behavioural data. With the rapid technological development and wide uptake of smart mobile devices, a whole new category of location based services is developing. 
and ends with some interesting recommendations:
  • Because location data from smart mobile devices reveal intimate details about the private life of their owner, the main applicable legitimate ground is prior informed consent.
  • Consent cannot be obtained through general terms and conditions.
  • Consent must be specific, for the different purposes that data are being processed for, including for example profiling and or behavioural targeting purposes from the controller. If the purposes of the processing change in a material way, the controller must seek renewed specific consent.
  • By default, location services must be switched off. A possible opt-out mechanism does not constitute an adequate mechanism to obtain informed user consent.
Still not convinced that the average man on the Clapham Omnibus will ever achieve "informed consent" with the 80+ pages of Ts & Cs we get confronted with today...

Sunday, 10 July 2011

Is the Future of Patient-Managed Health Records Now a Thing of the Past?

RIP Google Health and Powermeter (see here); and MSFT Hohm at the same time. In the immortal words of Half Man Half Biscuit "A million housewives every day pick up a tin of beans and say, 'what an amazing example of synchronisation'".

And so as they ask over at BioPoliticalTimes are we done with patient managed records? 

I think the thing here is not to loose track of the fact that patient access to records rather than holding them is a key service we want to see...