Post on 24-May-2015
Big data – Big brother?
Using geolocation in a trustworthy and compliant way
More than SatNavs…
Business Solutions
Automotive
Licensing
Consumer
Revolutionising navigation in 4 steps
1. Base maps
2. Map Share
3. IQ Routes
4. TomTom HD Traffic
Community input – with permission
We profile roads, not people
TomTom's trip archive: anonymous location and speed information from the TomTom user community
• 5 billion (10E9) speed measurements per day
• 5 trillion (10E12) speed measurements to date
• by customers driving 50 billion kilometres and visiting every spot over 1,000 times
Creating TomTom HD Traffic: data sources
Range of high-quality real-time data sources (including TMC coverage)
TomTom HD Traffic coverage (map: London)
It covers up to 99.9% of all roads
Check for yourself on tomtom.com/livetraffic or use the free TomTom Places App for iPhone or Android
Intersection analysis
Obsoletes time-consuming, expensive and inaccurate methods
Travel times to hospital (London): based on real-world measurements vs. based on theoretical maximum speeds
The reality check that can help to save lives
Origin/Destination analysis
Example: Trips with Frankfurt Airport as destination
• Where are your customers coming from?
• What routes do they take?
• How many drivers are passing?
• Etc.
• Combine with other geo-based data sources for additional analysis
Location privacy is top of mind
With bloggers, press, regulators, enforcers, legislators and many users
• TomTom investigated by leading European Data Protection Authority in 2011
• TomTom’s use of location data is in accordance with EU Data Protection Laws
• Processing and delivery to third parties 100% OK
• Informing users needed to be more explicit, including opt-in
Drivers, police & TomTom: an explosive mixture
Privacy, amongst others, is about the protection of personal data
Personal data:
• Contains (whatever) information relating to a natural (“real”) person
• That person could be identified, directly or indirectly
• Typically: data attached to unique identifiers
Anonymous only:
• When no reasonable way exists to identify (“single out”) a person
• Even when requiring correlation with other data sources (e.g. maps and phonebooks)
• By anyone with the right resources
EU WP29 opinion “Geolocation services on smart mobile devices”
Beware: engineers’ “binary” interpretation of principle-based law with open norms
• Data attached to a unique identifier (e.g. serial number, email address) or reversible pseudonym (e.g. a hash) is to be considered personal data
• Location data originating from any individual is to be considered sensitive personal data: consent is the only acceptable legal basis for processing
• Sending location data “off board” requires consent that is:
  • Freely given: no pressure is felt to consent
  • Prior: before processing starts
  • Informed: explain purpose, duration and who has access
  • Explicit: i.e. opt-in requiring a user action and separate from accepting T&Cs
  • Consent: permission to go ahead
• Information is required regarding:
  • What data is processed
  • Who will have access
  • Why the data is used
  • When the data will be deleted
  • Where the data will be processed
• Validity of consent is directly related to the quality of information towards the user
• Consent renewal is required after prolonged period of non-use and at least every year
• No feature creep: perfectly stick to the purpose as agreed to by the user
• Erase location data right after use and never keep longer than 24 hours
Typical personal data misconceptions, very often present in technology companies
• We do not identify the user while using the data, so we have no issues with privacy law
• We only use the unique serial number of the users device, so the data is anonymous and we have no issues with privacy law
• We encrypt the data, so we are no longer using/receiving/sending personal data
• We use hashes to replace all serial numbers, so the data is now anonymous and we have no issues with privacy law
• We anonymize the data, so we are not using personal data
• We can use the users’ data for anything we want, as long as we keep the data to ourselves
• Look: big name companies are doing the same, so we are OK
TomTom & Privacy
Vision:
Community input (crowd sourcing) is strategic
Privacy helps to realize business objectives by ensuring trust
Privacy is integral part of business continuity above and beyond legal compliance
Principles:
1. Avoid unpleasant surprises:
• Customer insight is paramount
• Be open and explain – hesitation is an omen
• Keep it simple
2. The customer remains in control of his personal data: we have it “on a loan”
Avoiding re-identification is key: TomTom has a strict code of conduct to adhere to privacy laws
• Historic trip archive only to be used for road, traffic and related purposes
• No access to raw data outside TomTom, ever
• TomTom performs processing
• TomTom ensures re-identification is impossible e.g. through sufficient aggregation
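As an added illustration, not part of the original presentation, of two points above: why a hashed serial number is a reversible pseudonym (the misconceptions slide) and why road-level aggregation with a minimum contributor count is what actually prevents singling out. The serial-number format, the trip records and the k threshold are constructed assumptions, not TomTom's own data or code.

```python
import hashlib
from collections import defaultdict
from typing import Dict, List, Optional, Tuple

# Constructed example: hypothetical device serials of the form "TT-00042"
# (a fixed prefix plus five digits), i.e. a space of only 100,000 values.
SERIAL_FORMAT = "TT-{:05d}"
SERIAL_SPACE = 100_000


def pseudonymise(serial: str) -> str:
    """The 'we hash the serial numbers' approach: an unkeyed SHA-256 of the serial."""
    return hashlib.sha256(serial.encode()).hexdigest()


def build_reverse_table(n_serials: int = SERIAL_SPACE) -> Dict[str, str]:
    """Anyone who knows the serial format can hash every candidate once and map
    each pseudonym back to its serial. This is why an unkeyed hash counts as a
    *reversible* pseudonym, i.e. the data is still personal data."""
    return {pseudonymise(SERIAL_FORMAT.format(i)): SERIAL_FORMAT.format(i)
            for i in range(n_serials)}


def reidentify(pseudonym: str, table: Dict[str, str]) -> Optional[str]:
    return table.get(pseudonym)


# Constructed trip records: (device pseudonym, road segment, speed in km/h).
RECORDS: List[Tuple[str, str, float]] = [
    (pseudonymise(SERIAL_FORMAT.format(i)), "A40-eastbound", s)
    for i, s in enumerate([60, 62, 58, 65, 61, 60])
] + [
    (pseudonymise("TT-00042"), "Quiet-lane", 30),
    (pseudonymise("TT-00043"), "Quiet-lane", 34),
]


def aggregate_by_road(records, k_min: int = 5) -> Dict[str, Dict[str, float]]:
    """'Profile roads, not people': keep only per-segment statistics, and publish
    a segment only when at least k_min distinct devices contributed, so no single
    driver's trip can be singled out from the output."""
    per_segment = defaultdict(lambda: {"devices": set(), "speeds": []})
    for device, segment, speed in records:
        per_segment[segment]["devices"].add(device)
        per_segment[segment]["speeds"].append(speed)
    return {
        seg: {"devices": len(v["devices"]),
              "avg_kmh": round(sum(v["speeds"]) / len(v["speeds"]), 1)}
        for seg, v in per_segment.items() if len(v["devices"]) >= k_min
    }
```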
Multi-disciplinary approach
Don’t just leave it to the lawyers
• Expectation & law
• Engineering & operations
• Explanation & permission
Recommendations
• Incorporate data protection requirements from the start
• Take a multi-disciplinary approach: it is about your “license to operate in the information society”
• Embed “privacy by design” into development processes
• Document your data: “what, why, when, who, where”
• Appoint a “privacy czar” in your organization
References
• The EU Data Protection Directive (Directive 95/46/EC): http://eur-lex.europa.eu/LexUriServ/LexUriServ.do?uri=CELEX:31995L0046:en:HTML
• Working Party Article 29 opinion 13/2011 on “Geolocation services on smart mobile devices”: http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2011/wp185_en.pdf
• Working Party Article 29 opinion 15/2011 on “Consent”: http://ec.europa.eu/justice/policies/privacy/docs/wpdocs/2011/wp187_en.pdf
• The report on the Dutch Data Protection Authority investigation on TomTom's use of location data (in English): http://www.dutchdpa.nl/Pages/en_pb_20120112_investigation-tomtom.aspx
• “How we use your data”: TomTom’s explanation on its use of location data: http://www.tomtom.com/yourdata (video: http://www.youtube.com/watch?v=ZfRkAQl2wWQ)