Location data as an 'identifier' of personal data

December 6, 2018, University of Helsinki
Credit: CC0 Public Domain

A recent doctoral dissertation in legal studies reveals alarming news regarding the vulnerability of location and location data on mobile devices, and while using the internet and location-based services (LBSs) in those devices.

Shakila Bu-Pasha, master of international and comparative law, says, "It is even technically possible that every step of a user might be tracked, or users may permit particular applications (apps) to access their location without realising it. In addition, can provide very sensitive information about an individual, including a visit to some particular hospital, a political assembly or religious places."

Bu-Pasha will defend her doctoral dissertation in the Faculty of Law, University of Helsinki, on 14 December 2018. The dissertation addresses a common and significant legal problem: the relationship between collection of location data from mobile usage and the European Union law on the protection of personal location data and privacy.

"Yet most mobile device users, especially smartphone users, are unaware and not even well informed about the processing of their location data and its impact to the right to privacy and personal data protection," Bu-Pasha says.

Along with traditional human rights law, the E.U. data protection laws play a significant role in the privacy and personal data protection of mobile device users. "The need for obtaining user consent and maintaining transparency and accountability on behalf of online platforms and other responsible bodies as data controllers and processors is real. The users should enjoy the option to express their actual choice of either accepting or denying the terms and policies of the location-based services," Bu-Pasha says.

By analysing some recent Court of Justice of the European Union case laws, Bu-Pasha has analysed how the E.U. data protection law tackles disputes involving transnational issues online, which includes its extra-territorial application and cross-border data transfers.

"My dissertation emphasises the efficiency of E.U. data protection law in the borderless and universal internet system and digital environment, more specifically with the introduction of the General Data Protection Regulation (GDPR), which can effectively bind data controllers such as multinational technology companies, online platforms and other entities for safeguarding data subjects' right to privacy and and for the promotion of smooth and safe public participation on the internet via ," she says.

At the same time, the dissertation covers international and E.U. Law aspects of the mitigation of harmful radio interference in Global Navigation Satellite System (GNSS) and radio communication systems for the accuracy in location estimation and services.

"On the ground of of privacy, the E.U. law does not permit using illegal devices like jamming and spoofing devices which hamper GNSS technology and services," Bu-Pasha says.

Explore further: Google accused of manipulation to track users

Related Stories

Google accused of manipulation to track users

November 27, 2018

Seven European consumer groups filed complaints against Google with national regulators Tuesday, accusing the internet giant of covertly tracking users' movements in violation of an EU regulation on data protection.

Google clarifies location-tracking policy

August 16, 2018

Google has revised a help page that erroneously described how its "Location History" setting works, clarifying for users that it still tracks their location even if they turn the setting off.

Recommended for you


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.