Location data as an 'identifier' of personal data
Recent doctoral dissertation in legal studies reveals alarming news regarding the vulnerability of location and location data on mobile devices, and while using the Internet and location-based services (LBSs) in those devices.
“It is even technically possible that every step of a smartphone user might be tracked, or users may permit particular applications (apps) to access their location without realising it. In addition, location data can provide very sensitive information about an individual, including a visit to some particular hospital, a political assembly or religious places”, says Shakila Bu-Pasha, Master of International and Comparative Law.
Bu-Pasha will defend her doctoral dissertation in the Faculty of Law, University of Helsinki, on 14 December 2018.
The dissertation addresses a common and significant legal problem: the relationship between collection of location data in mobile device usage and the European Union law on the protection of personal location data and privacy.
“Yet most of the mobile device users, especially smartphone users are unaware and not even well informed about the processing of their location data and its impact to the right to privacy and personal data protection”, Bu-Pasha tells.
User-friendly functionalities, transparent and accountable data processing activities, and compliance with regulatory requirements in running mobile apps and websites
Along with the traditional human rights law, the EU information and communications technology (ICT) as well as data protection law play a significant role in the privacy and personal data protection of mobile device users.
“The need for obtaining user consent and maintaining transparency and accountability on behalf of online platforms and other responsible bodies as data controllers and processors is real. The users should enjoy the option to express their actual choice of either accepting or denying the terms and policies of the location-based services”, Bu-Pasha sums up.
By analysing some recent Court of Justice of the European Union case laws, Bu-Pasha has analysed how the EU data protection law tackles disputes involving transnational issues online, which includes its extra-territorial application and cross-border data transfers.
“My dissertation emphasises the efficiency of EU data protection law in the borderless and universal Internet system and digital environment, more specifically with the introduction of the General Data Protection Regulation (GDPR), which can effectively bind data controllers such as multinational technology companies, online platforms and other entities for safeguarding data subjects’ right to privacy and personal data protection and for the promotion of smooth and safe public participation on the Internet via mobile devices”, she tells.
At the same time, the dissertation covers international and EU Law aspects of the mitigation of harmful radio interference in Global Navigation Satellite System (GNSS) and radio communication system for the accuracy in location estimation and location services.
“On the ground of protection of privacy, the EU law does not permit using illegal devices like jamming and spoofing devices which hamper GNSS technology and services”, Bu-Pasha explains.
Shakila Bu-Pasha, Master of International and Comparative Law will defend the doctoral dissertation entitled “Location Data, Personal Data Protection and Privacy in Mobile Device Usage: An EU Law Perspective” in the Faculty of Law, University of Helsinki, on 14 December 2018 at 10:15. The public examination will take place at the following address: Suomen Laki – sali (PIV, 117), Yliopistonkatu 3, Helsinki.
Docent Tobias Bräutigam (Senior Counsel at Bird & Bird), University of Helsinki will serve as the opponent, and Professor Päivi Korpisaari as the custos.
The dissertation is also available in electronic form through the E-thesis service.