Image courtesy of Stuart Miles at FreeDigitalPhotos.net
Two events back to back in a span of one week forced me think to think about my priorities and actions as far as my online privacy is concerned. With Mobile and Internet becoming synonymous the issue of Mobile Privacy is exacerbated and difficult to quantify, define and solve in one go. A small travelogue written and posted on a Blog by me got replicated on another Blog; in a matter of two days, but this time with a picture of me. On closer inspection I found it (my pic) to have been copied from my Facebook!!! How on Earth did the man find my Facebook and copied the pic? Obviously using my email he hunted me on the most popular social medium and using the pic posted on the Blog matched it with my profile pic on FB. Next thing, I get an email from a European country asking me questions which only I can answer, regarding my company’s role on some technical issues. Two days later the guy calls me up on my cell phone all the way from Germany asking me same questions. On my insistence he informs me that his company has a database of important persons with details about their job nature, email and cell numbers!!! Truth be told, I am flabbergasted. The bottom line is; guarding one’s privacy in the online world is impossible.
PMP defined: So what exactly is Mobile Privacy and how do we define it? And what are its principles? If any? Mobile privacy is not easy to quantify in today’s world considering the host of stakeholders involved in the issue. There’s the user who might or might not (in most cases) be aware of online privacy issues; like his/her secrecy, anonymity, freedom of movement, intimacy, fundamental rights, etc; the service provider (a Telecom operator), the ISP in some cases, the regulator, the app developer, the server hosting important data and off course anyone who might be interested in getting more information about the user for any purpose. To make the situation worse, all these stake holders are operating at a different level, and often in different geographic locations separated by thousands of miles and more importantly out of the jurisdiction of one another as far as laws are concerned. Then there’s the question of one’s personal data being transported from one location to another using the free Internet and off course its safety en-route from being eavesdropped. And to top it up, there’s the issue of location or server where this data might be stored and its security on the server from any sort of breaches or its falling in the wrong hands; inadvertently or intentionally. The issue of actions required to be taken in case of a breach, the absence or dearth of laws regarding physically separated locations. So, there’s not just one issue and no single comprehensive law that can encompass all these issues.
Important factors: When we talk of Mobile privacy a number of factors are important which need to be considered. These are covered in some detail in the succeeding paragraphs:
- The issue of personal data: Or what all can be described as personal data? Data that can be used to identify a person; e.g. name, age, sex, habits, education, religion, ethnicity, health, job etc.
- The “consent”: Means permission granted by a user to share his/her data with data controller, data processor, or anyone collecting it for any purpose.
- Privacy of the communications: Whether it is voice or data of any sort, it has to be transported over secure channels for protecting the user’s rights.
- Spatial Privacy: Given that today’s mobile devices are connected and always displaying one’s location, it is a very important factor to consider when giving permissions for access to one’s location.
- Data Protection and its security: A host of rules exist for protection of a user’s data. These include; collecting the bare minimum data required for a purpose, being fair and following the law, keeping it only for as long as it is necessary, respecting the user’s rights, keeping it secure and ensuring its protection etc.
- Accountability: Accountability means that each stakeholder does his job as specified in the relevant laws and those not abiding by the laws be held responsible.
Conclusion: Policy makers all over the world are striving hard to redefine the concept of privacy considering the fast pace of technological developments happening every day. With each new innovation the task is becoming more challenging. For example Over The Top (OTT) services have opened up a new dimension in the mobile privacy arena. Similarly Big Data is proving to be a new challenge. There is a growing need to have cooperation between regulators at international level for better understanding of the issues and tackling them. At the same time the industry has to take the lead for protecting the user’s privacy. In this regard it is important to understand that online privacy is a complex issue and a single solution to this problem does not exist as of today. More information on the issue is available at APEC privacy framework and the OECD guidelines on privacy.
GSMA runs very useful online courses on various subjects. You can follow the link to register yourself for training on Principles of Mobile Privacy here.