Company Confidential

Privacy Challenges

in a Mobile Environment

Dr. Tobias Bräutigam Senior Legal Counsel, Nokia

14 November 2012

1

Company Confidential

© Nokia 2012 Mobile Industry Privacy Challenge

Agenda

1. Privacy Challenges

A. The usual suspects

B. Multinationals

C. Mobile industry

2. Location based services privacy challenges

A. What are the challenges?

B. Challenge per type

3. An example of Privacy by Design

Company Confidential

Mobile is different

3

Company Confidential

“Usual Suspects of Privacy“

4

Security and technical and organisational

measures

Third party management

and outsourcing

Notifications and user choice

Company Confidential

Additional challenges as a multinational

5

Authority Requests

Educating your staff

world wide

Laws are different Localisation and updates drive costs

Company Confidential

Additional challenges for mobile industry

6 © Nokia 2012 Mobile Industry Privacy Challenge

Screen size

limited

Multitude of parties - Who is

the controller?

Multitude of sensors

– new rules

needed?

Company Confidential

Who is the controller?

7 © Nokia 2012 Mobile Industry Privacy Challenge

NEW REGULATION PROPOSAL

Article 24

Joint controllers

Where a controller determines the purposes,

conditions and means of the processing of personal

data jointly with others, the joint controllers shall

determine their respective responsibilities for

compliance with the obligations under this

Regulation, in particular as regards the procedures

and mechanisms for exercising the rights of the data

subject, by means of an arrangement between them

Company Confidential

Company Confidential

8 © 2009 Nokia Presentation name/Project owner/DD-MM-YYYY

Addressing location-based

services privacy challenges

© Nokia 2012 Mobile Industry Privacy Challenge 8

Company Confidential

9 © Nokia 2012 Mobile Industry Privacy Challenge

LBS Privacy Challenges

Street View Imaginery

Positioning = Identification?

Contextual Services

Company Confidential

Street-level imagery

10

© Nokia 2012 Mobile Industry Privacy Challenge

Face

s

Company Confidential

It is possible to position

without identifying

© Nokia 2012 Mobile Industry Privacy Challenge

Company Confidential

Company Confidential

Example use case

© Nokia 2012 Mobile Industry Privacy Challenge 13

Company Confidential

Employee location service

Indoor positioning system in Nokia office campus areas

• For locating assets e.g.meeting rooms and see real-time

booking status of meeting room

• To locate employee permanent seats

By signing up to service employee can

• see his/her own location the map

• see location of selected/consented colleagues on the map

Company Confidential

Privacy by Design

• Informing the employees • Employee consent is required when signing up to service

• Works councils • Privacy Supplements

• Granular choices • Whom to share with • How accurately

• Geofencing: User location is visible to the others only while in Nokia campus area

• Log data: No user specific location logs are stored in system

• In private areas like health center or restroom the system is arbitrating the location and not sharing the exact location with the others

Company Confidential

Locate use case

© Nokia 2012 Mobile Industry Privacy Challenge

Thank you