Home > Public Domain Data > General Data Protection Regulation comes to the EU … and it covers location.

General Data Protection Regulation comes to the EU … and it covers location.

Legislation protection typically lags behind technological innovation until a clearer picture of how a particular technology is used and abused emerges. The issues associated with personal location data privacy and the often unintentional disclosure of personal and sensitive information, are subjects we have discussed many times before on Spatial Reserves (Always On: The analysts are watchingPrivacy concerns from fitness maps and apps).  However, things are set to change in the European Union (EU) with the introduction of new legislation covering how personal location information is collected, used and stored.

On 25th May 2018, General Data Protection Regulation (GDPR) will come into effect in the EU, replacing an earlier data privacy directive introduced in 1995. Aimed at protecting the personal data of all EU citizens, GDPR establishes new safeguards to minimise data breaches and misuse. It introduces a number of Data Subject Rights including right of access, right to be forgotten and privacy by design. Although such regulatory initiatives are often associated with the data collecting activities of larger companies and organisations and the type of data they collect, such as those in the financial and marketing sectors, GDPR extends the definition of personal data in Article 4 (1) to include:

‘… any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person

This legislative acknowledgement recognises location as an equally important component of personal information and an indicator of what GDPR defines as sensitive traits (political affiliation, religious beliefs and so on). Companies, organisations and institutions in the EU will be required to ask permission to use personal location information, be transparent about the use of this information and delete it if requested to do so.

 

 

Advertisements
  1. Robert W Pendergrass
    April 23, 2018 at 8:40 pm

    Does this cover display of individual locations of fires? Crimes? That could prove to be really a monkey wrench.

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: