Personal Data Protection and Geolocalisation

1
Personal Data Protection and  Geolocalisation 

• Didier Gasse
• Commission Nationale de lInformatique et des
  Libertés

2
Definition for  Geolocalisation 

• ?Getting and possibly transmitting the geographic
  position of a person, a vehicle or an object with
  two methods
• Using a signal emitted by satellites through an
  electronic device
• Using the digital mobile telephony network and
  the signal emitted by the phone
• (source www.geoconcept.com)
• ?Geolocalisation is often completed by the
  processing of additional data (e.g. sensors
  settled in controlled vehicles)

3
Geolocalisation for what purposes ?

• Traffic assistance
• Tracking people
• Controlling and monitoring employees or goods
• Invoicing purpose (calculation, proof, etc.)
• Obtaining behaviour informations, etc.
• ?Purposes may be private or professional
• ?Several purposes are often mixed

4
European Union Directives

• Directive 95/46/EC
• Directive 2002/58/EC concerning the processing of
  personal data and the protection of privacy in
  the electronic communication sector
• Nota Article 13 of Directive 95 and article 15
  of Directive 2002 allow Member States to resort
  to exceptions for national security, defense,
  public security, etc.

5
Geolocalisation Personal Data Protection
preliminary questions

• Two situations
• ?The data subject is asking for geolocalisation
• ?The data subject is the target of
  geolocalisation
• If the data subject is the target, is he really
  free ?
• Ordering Party Target
• Friends ? Friends
• Parents ? Children
• Insurance companies ? Motorists
• Public entities or companies ? Employees
• Transport companies ? Lorrys drivers, etc.

6
Major data protection principles applied to
geolocalisation

• Is geolocalisation purpose explicit and
  legitimate ?
• Are geolocalisation data adequate, relevant and
  not excessive ? ? especially in case of
  additional data
• Information of data subject ? no exceptions
• Consent of data subject ?  opt-in  principle,
  but exceptions especially for employees
• Data subjects right to object ? according
  private or professional area
• Retention period ? only duration necessary for
  the provision of the service, longer only if
  necessity established

7
What do the principles listed above try to
preserve in case of geolocalisation ?

• Right to privacy
• Right to come and go anonymously

8
Three specific cases of geolocalisation in which
CNIL had to take decisions

• Location of children by parents via mobile
  phones (see web site www.ootay.com)
• Monitoring of vehicles employees by companies
• Monitoring of young drivers cars by an
  insurance company

9
Childrens geolocalisation in 2003, CNIL
insisted on several rules

• CNIL mentioned the question of normal relations
  between parents and children (especially
  teenagers), and asked for
• ?Obtaining the childs prior consent, who has to
  valid the initial inscription by answering an
  SMS(Directive 2002 art. 9. 1.)
• ? Providing the child with the information of
  each location via SMS(Directive 2002 art. 9.
  2.)
• ? Informing on the web site about the risks of
  dishonest use of location system

10
Monitoring of vehicles employees
recommendation by CNIL (march 2006)

• Origin spectacular increase of geolocalisation
  processing data
• Purpose to determine a limit between work and
  privacy or the degree of monitoring and permanent
  surveillance acceptable for employees
• Challenge taking into account road transports
  specificities? make a distinction between
  employees whose job is to drive a vehicle and the
  others

11
Monitoring of vehicles employees contents of
CNIL recommendation

• Enumerate legimate purposes? no geolocalisation
  if employees are free to organize their travels
• ? possibility for employee to inactivate system
  out of work time
• Data retention periods two months, more only if
  necessity established
• Prior information of employees and their
  representatives, and right of access close to a
  named person or service
• Collected data ? no processing of criminal
  offences

12
Monitoring of young drivers cars by an
insurance company authorisation rejected by
CNIL, in nov. 2005

• Data collected every two minutes location,
  speed, speed limit
• Purpose of data processing monitoring
  compliance with the drivers commitments (no
  driving during week-end, at night or longer than
  two hours no speed limit excess) for
  calculating insurance bonus
• CNIL refused its authorisation for two reasons
• Private entities not authorized to process
  criminal offences (art. 8.5. Directive 95/46)
• Disproportionality between purpose and processing
  data (art. 6.1.c) Directive 95/46)

13
Conclusions (I) a personal data protection
area more and more limited
14
Conclusions (2) what to do ?

• Implementation of Directives in national law may
  come to different solutions inside UE
• Geolocalisation development (See Galileo Program)
  makes cooperation between DPA essential
• Art 29 WP is the good place, but it may be
  necessary to increase DPA exchanges
• Solutions may be different according to country,
  but should not be opposite, in a world where
  privacy is going more and more cut down

15
Thank you for your attention