Catch up on stories from the past week (and beyond) at the Slashdot story archive

 



Forgot your password?
typodupeerror
×
Google Privacy EU Your Rights Online Apple

EU Demands Explicit Geo-Location Permissions 69

judgecorp writes "Apple, Google and employers are already contravening new European Union rules that will require companies to get explicit permission from users before any geo-location data can be used to track them, whether for the purposes of targeted advertising or monitoring employee behavior. This could be the start of the next big privacy argument. The hopes of companies planning to use geo-location data to push products and services to mobile device users have taken a beating in the European Union, following a pronouncement from the European Data Protection Supervisor, Peter Hustinx."
This discussion has been archived. No new comments can be posted.

EU Demands Explicit Geo-Location Permissions

Comments Filter:
  • Fucking Awesome (Score:1, Interesting)

    by Anonymous Coward

    Fantastic news. I just hope Congress here in the US will take note and do the same. But given that most of them are owned by Big Corporate, I doubt it. Sad how Senators and some House members aren't MEN at all - just puppets.

    Congratulations to the EU on another fine consumer protection law. Well done!

    • by Ihmhi ( 1206036 )

      So do I, but considering that we don't even have decent data protection laws like a lot of European countries yet I don't see it happening for a long time.

      • by dave420 ( 699308 )
        All of the EU has decent data protection laws, as it's required by an EU directive.
        • All of the EU has decent data protection laws, as it's required by an EU directive.

          Neither you nor the GP are wrong.

          "European" =/= "EU".

          Switzerland, Norway, Iceland, the various former Yugoslavs are "European" (well, culturally for Iceland ; for geologically/ geographically, you buy the beers and I'll set out the arguments), but not EU. Parts of former "European Russia" (west of the Urals) are also separate countries that are not EU (though they want to be) but are arguably also "European" in a cultural a

    • Sometimes I think the only rules that really need to be reformed in the US are those surrounding lobbyists, campaign contributions, and campaign funding.

  • by Anonymous Coward
    Just because the EU wants to spy on its subjects doesn't mean they like companies doing the same.
  • by WegianWarrior ( 649800 ) on Friday May 20, 2011 @04:15AM (#36189430) Journal

    I like the wording of that directive: "If telecom operators want to use base station data in order to supply a value-added service to a customer, according to the revised e-privacy directive they must obtain his or her prior consent. They must also make sure the customer is informed about the terms of such processing."

    Not simply consent, but informed consent. Nice... it's going to be fun to see Google, Apple et.al. trying to explain to users with no grip on the technical side of things the how and why of geo-location. Still, I'm sure most of them will happily sign up for targeted advertisements if it means their favorite app still work...

    Also I note that "Company Devices" can no longer be used for anything but tracking. This will mean that companies can no longer check if truck drivers follows the rules about rest periods, nor can they check to see if they are speeding... which might (probably will) lead to more tired truckers driving way to fast to meet deadlines. Unintended consequence, I hope.

    • by Anonymous Coward on Friday May 20, 2011 @04:27AM (#36189478)

      i can put your mind at rest concerning the truck drivers: trip recorders are mandatory for trucks and have been for decades (at least in Germany, but i'm pretty sure that this is an EU directive). police are allowed to check these anytime. these recorders do not store any geo data, but speed and driver working hours.

      • by Inda ( 580031 )
        Same in the UK but every lorry driver I've ever spoke to says these can be hacked and worked around.

        Exercise for the reader: google tachograph hacks
      • Well, in Germany geo data is collected from trucks for street tolls.

    • Also I note that "Company Devices" can no longer be used for anything but tracking. This will mean that companies can no longer check if truck drivers follows the rules about rest periods, nor can they check to see if they are speeding... which might (probably will) lead to more tired truckers driving way to fast to meet deadlines. Unintended consequence, I hope.

      I think that still comes under the heading of tracking. It is, after all, just a matter of referencing the positions to timestamps to get the speed. Plus, this area is already covered by tachographs for professional trucking, and the new digital ones cannot be tampered with easily.
      Having an extra layer of certainty always helps, though...

    • Also I note that "Company Devices" can no longer be used for anything but tracking. This will mean that companies can no longer check if truck drivers follows the rules about rest periods, nor can they check to see if they are speeding... which might (probably will) lead to more tired truckers driving way to fast to meet deadlines. Unintended consequence, I hope.

      For a company to track theri own truck you dont use the employers mobile device but a device built into the truck.
      For checking the sleeping times a

    • I'm pretty sure Google's opt-in on Android as it is now can be considered to offer informed consent.
  • by Barryke ( 772876 ) on Friday May 20, 2011 @04:17AM (#36189444) Homepage

    Any argument that this stifles innovation is invalid, if the product is good enough people will gladly share their geo location.
    I for one will share my location with Google, as long as it promises to not share it with 3th parties.

    Disclosure: I am dutch.

    • by pla ( 258480 )
      I for one will share my location with Google, as long as it promises to not share it with 3th parties.

      I would say that forms the real problem here - Not controls on whether or not someone's Android can track them, but what Google can do with that data.

      A handful of companies each knowing a bit about my day's activities doesn't add up to squat. When weak protections allow those companies to share data about us without our permission, BAM, suddenly every marketing scumbag in the world knows what time we
      • That's already included in the Directive on privacy and electronic communications of 2002:

        Where the data may be transmitted to one or more third parties, the subscriber should be informed of this possibility and of the recipient or the categories of possible recipients. Any transmission should be subject to the condition that the data may not be used for other purposes than those for which they were collected. If the party collecting the data from the subscriber or any third party to whom the data have been transmitted wishes to use the data for an additional purpose, the renewed consent of the subscriber is to be obtained either by the initial party collecting the data or by the third party to whom the data have been transmitted.

      • You don't shit in the morning. You take your shit at approximately 4:46pm every day after getting home for work. You spend 20 minutes shitting while reading your latest Kindle novel. You flush twice. Once at about 4:51pm and the other after the 20 minutes has passed. Your toilet's flush isn't full optimized suggesting that there may be a leak with your plumbing. We have sent a plumber to fix the problem. Enjoy his ass crack.

    • And as someone who looks up the traffic data on Google maps I thank you. I too share my location data with Google, and I remember many Slashdot readers being wooed by this when they first started.

  • "already contravening"? Does judgecorp work for a tabloid like the Sun? Try "The EU in creating new rules to cover a domain it had ignored up to now, has devised rules stricter than the current implementations in iPhones and Android". TFA Gives no information whether it is the on-device caching of geo-location information that is the problem or whether WinPhone7's PhoneHome behavior of the same info is also covered in the new rules.

  • Already in Android? (Score:5, Interesting)

    by AmiMoJo ( 196126 ) on Friday May 20, 2011 @04:24AM (#36189464) Homepage Journal

    When you install an Android app it asks for permission if it wants to use your location data. Isn't that exactly what they are asking for?

    Android itself asks for permission the first time you use the phone.

    • Re: (Score:3, Informative)

      Many apps on the iPhone do so as well. The phone itself, no.

      • Many apps on the iPhone do so as well. The phone itself, no.

        Apps on an iPhone _cannot_ find out your location without asking you for permission and getting that permission. _Your_ phone is allowed to track your location, but if it does, then nobody except you is allowed to access that information without your permission.

      • by AmiMoJo ( 196126 )

        Thinking about it a bit more Android asks more than once, and app permissions differentiate between knowing approximate location (via mobile masts) and exact location via GPS.

        The following all have their own opt-in for using location data:

        - Google search via the on-phone app
        - Google's search website via in-browser location sharing
        - Google Maps/Navigation app
        - Anonymous wifi location reporting (to update their database of hotspots)

    • by captainpanic ( 1173915 ) on Friday May 20, 2011 @04:38AM (#36189508)

      There are always companies that are one step ahead of regulations. For example companies that are cleaner than strictly necessary.
      Still, it's a good idea to have the regulations to protect citizens / consumers.

      The fact that some companies already ask for consent now shows that this new regulations are totally reasonable.

    • by AliasMarlowe ( 1042386 ) on Friday May 20, 2011 @04:57AM (#36189600) Journal

      When you install an Android app it asks for permission if it wants to use your location data. Isn't that exactly what they are asking for?

      It's something, but it's not enough merely to say that it needs to access item X. The legislation requires that it also say what item X will be used for, and in an informative way. The consent given must be "specific and informed" in each case. Moreover, it was stated that "consent cannot be obtained freely through mandatory acceptance of general terms and conditions, nor through opt-out possibilities" which blows a hole in many of the current slimy practices involving EULAs and suchlike, or defaulting to opt-in.

      Producing weasel words which look just enough like informing the customer, but without really doing so (or preferably cunningly misinforming or misleading the customer into complacency), is a skill which will likely be in greater demand.

    • No. What happens if the carrier bundles an app? The app is already there, you never got to see if it has access to your location data unless you start digging through settings. Worse, what happens if some one that wants to spy on you manages to get his hands on your phone for 5 minutes? He has enough time to download and install tracking software that you may never know off (unless you are an above-average user.)

      What is being requested here seems to be that every time the app starts asking for tracking pe

      • by AmiMoJo ( 196126 )

        The app is already there, you never got to see if it has access to your location data unless you start digging through settings.

        Settings->Applications->Manage

        Tells you the permissions of all apps including bundled ones. Best thing to do is not buy a carrier branded phone anyway.

        Worse, what happens if some one that wants to spy on you manages to get his hands on your phone for 5 minutes?

        He can't get past the lock code you put on it.

        What is being requested here seems to be that every time the app starts asking for tracking permission every time tracking is initiated.

        No, what seems to be being requested is that apps are up front about what they do with your location data.

  • I sure hope that the thief accidentally pushes "yes" instead of "no" to the tracking request.
    • by Anonymous Coward

      I'm sure this was meant as a joke, but obviously you would pre-approve the "phone finder app" to always allow location requests. It's not like a GPS navigation app would ask to use your location every time it did a calculation to find out where you are.

      • The GP might have a point: The permission is based on the user, not on the device. A thief might *conceivably* have a case on the privacy issue.

        Whether that would interfere with his arraignment on theft is another matter, though.

  • "require companies to get explicit permission" => yes, and so what ? the user will see a nice popup when starting the phone, and if he doesn't accept the terms and conditions, he won't be able to use the phone ? crap...
    • Re: (Score:3, Insightful)

      by rich_hudds ( 1360617 )
      The request would have to be pretty specific, not a catch all for any future application you install.

      For a purchase such as a phone you would have to make the user accept the request before they made the purchase, or you'd have to make the phone work still work when the user said no.

      Not crap. Good.
      • Look at Android. If you refuse to share your location with google, you can still use your phone just fine. Google's mapping services do lose some accuracy in areas you frequent, and you may have slightly worse service for it. That's about it.
  • by Anonymous Coward

    So I can withhold right for the government or CCTV operators to infringe my privacy? No? Well what's the point then? Concentrate on the big privacy infringements first. If targeting ads based on position without consent is unacceptable, then gathering personal data by the government, or videoing individuals without their knowledge is unacceptable. Ban these before your worry about ephemera.

    • It is assumed that data collected by governments will be stored according to the law, and that it will only be accessible to the public authorities, and only with a warrant from the judicial authority.

      The same can't be said for the data collected by private entities: even if they do their best, as a corporation, to honour the privacy of user data, the risk of single malevolent employees abusing their position to access the data needs to be taken into account.

      About surveillance filming: at least in my co

    • I don't really see how CCTV infringes my privacy. If I'm in a public space, I don't really have any expectation of privacy, do I? At the moment there's a CCTV camera pointed at the area I'm working in (a quiet, low-traffic part of a very large industrial site). If the security guy wants to sit and watch me eat my lunch, that's fine with me. If I have an accident then they'll be able to send a first-aider round hopefully before I lose all eight pints...

      • Would you feel the same if the person at the next table stared at you the whole time you were eating your meal?

        • Wouldn't bother me particularly. As long as they weren't chewing with their mouth half-open or making disgusting slurping noises with their tea, they can stare at whatever the hell they want. It's a free country, over here at least.

  • by Jeppe Salvesen ( 101622 ) on Friday May 20, 2011 @05:28AM (#36189692)

    Good move, EU. Now you just gotta repeal the data retention directive, and then you'll regain some credibility on privacy matters!

    • by cpghost ( 719344 )
      I guess, the only way to repeal the data detention directive is some huge leak of such data to the public. Some hugely embarrassing data, if possible. Otherwise, there won't be enough political momentum because most people currently don't care (enough), or are even calling for even more data retention mania.
  • They should have done it sooner. The corporations managing the server-side of our smartphones know everything about our lives, and somehow selling this information is their core business. I can't see how my physical position wasn't considered a sensitive information until now. Especially in an era where such information can technically be broadcast to the whole world in a matter of seconds.

    I think this is going to get even more important with HMTL5 geolocation APIs. Have you ever tried them? They can give

  • What bothers me about all this (and a number of other such measures) is that it is Europe doing them, but not the United States.

    Whatever became of the United States as a world leader in personal freedom and privacy? Not that I have anything against Europeans, but this illustrates just how far down we in the US have been dragged by corporate and government collaboration against The People. Which also goes by another name: fascism.

    Now, it may not be fascism as extreme as Nazi Germany during WWII, but it
  • I like very common sense approaches to consumer protection, this seems like a good move. I am pro business (have MBA), but also recognize that part of governments job is to protect consumers from all out ruthlessness. How long before we can get this in the US?

    This really is a bigger blow to Google than Apple. Apple is a hardware company, making software to complete the experience (and tidy profit). Google is in the business of selling information, and this hits them where it hurts. Google has been coll

  • The user is giving permission to iOS built-in apps when they look at the terms and conditions of every iOS upgrade and when they turn location services on. You need location services on in order to use Google maps if you want to find your location on the map and you need it turned on in order for "Find my iPhone" service to work.

    If you don't want location services, you can turn it off in the preferences but then you also lose the ability to find your device through the "Find my iPhone" service.

    I've got a mu

You know you've landed gear-up when it takes full power to taxi.

Working...