TomTom - Location services and privacy | Simon Hania @ VINT symposium THINGS 2013
Location services and privacy
Using geolocation in a trustworthy and compliant way
Trends that threaten trust
Connected cars with downloadable apps
Location services, cloud, internet-of-things, big data
Revolutionising navigation in 4 steps
1. Base maps
2. Map Share
3. IQ Routes
4. TomTom HD Traffic
TomTom Traffic coverage
It covers up to 99.9% of all roads
Creating TomTom HD Traffic: data sources
Range of high-quality real-time data sources
TomTom's trip archive
Anonymous location and speed information from the TomTom user community
5 billion (10^9) speed measurements per day
5 trillion (10^12) speed measurements to date!
by customers driving 50 billion kilometres
and visiting every spot over 1,000 times
Travel times to hospital (London): based on real-world measurements vs. based on theoretical maximum speeds
The reality check that can help to save lives
Origin/Destination analysis
Example: Trips with Frankfurt Airport as destination
• Where are your customers coming from?
• What routes do they take?
• How many drivers are passing?
• Etc.
• Combine with other geo-based data sources for additional analysis
Drivers, police & TomTom
An explosive mixture
Location privacy is top of mind
With bloggers, press, regulators, enforcers, legislators and many users alike
• TomTom investigated by leading European Data Protection Authority in 2011
• TomTom’s use of location data is in accordance with EU Data Protection Laws
• Processing and delivery to third parties 100% OK
• Informing users needed to be more explicit, including opt-in
Community input – with permission
We profile roads, not people
How to enact?
Nothing totally new, really
1. Principles - are what everyone should know
2. People - make the difference: good and bad
3. Policies - are like high-level requirements
4. Projects - are where everything is put together
5. Processes - are what we use to stay predictable
6. Procedures - exist to avoid re-inventing wheels
7. Paperwork - document everything properly
also used internally
TomTom & Privacy
Vision:
Community input (crowd sourcing) is strategic
Privacy helps to realize business objectives by ensuring trust
Privacy is integral part of business continuity above and beyond legal compliance
Principles:
1. Avoid unpleasant surprises:
• Customer insight is paramount
• Be open and explain – hesitation is an omen
• Keep it simple
2. The customer remains in control of his personal data: we have it “on loan”
Privacy Policies, Standards & Guidelines
7 key objectives
1. We assess our intended use of PD early to drive requirements
2. We document PD: purpose, legitimate ground, retention, access, jurisdiction(s)
3. We ensure we have obtained or will obtain informed user consent
4. We minimize the amount of PD (volume and time) and who has access: we de-personalize or destroy PD as soon as possible
5. We keep ensuring adequate security measures based on risk assessment of confidentiality, integrity and availability
6. We do not expose PD to any third party, unless the third party contractually agrees to comply with our policies (or law forces us)
7. We enable the user to exercise his rights (information, access/download, correction, deletion)
The 6 privacy questions
1. What personal data are we processing?
2. Why are we processing personal data?
3. When can we destroy the personal data?
4. Who will have access and will be accountable?
5. Where will we process and store the personal data?
6. Will we have a legitimate basis for processing?
Privacy, amongst others, is about the protection of personal data
Personal data:
• Contains (whatever) information relating to a natural (“real”) person
• That person could be identified, directly or indirectly
• Typically: data attached to unique identifiers
Anonymous only:
• When no reasonable way exists to identify (“single out”) a person
• Even when requiring correlation with other data sources (e.g. maps and phonebooks)
• By anyone with the right resources
Typical personal data misconceptions
Very often present in technology companies
• We do not identify the user while using the data, so we have no issues with privacy law
• We only use the serial number of the users device, so the data is anonymous and we have no issues with privacy law
• We encrypt the data, so we are no longer using/receiving/sending personal data
• We use hashes to replace all serial numbers, so the data is now anonymous and we have no issues with privacy law
• We anonymize the data, so we are not using personal data
• We can use the users’ data for anything we want, as long as we keep the data to ourselves
• Look: big-name companies are doing the same, so we are OK
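An added example, not TomTom's code and not part of the talk, for the hashing misconceptions above: replacing a device serial with an unkeyed hash is reversible by enumerating the serial space, and even a keyed hash still yields one stable token per device, so every trip of that device remains linkable. The serial format ("TT" plus six digits), the secret key and the trip records are constructed assumptions.

```python
import hashlib
import hmac
from collections import defaultdict
from typing import Optional

# Constructed assumption: serials are "TT" followed by six decimal digits.
# The talk does not describe the real format; a real one is just a larger,
# but still enumerable, space.
PREFIX = "TT"
DIGITS = 6


def naive_pseudonym(serial: str) -> str:
    """The misconception: swap the serial for an unkeyed SHA-256 and call it anonymous."""
    return hashlib.sha256(serial.encode()).hexdigest()


def reverse_naive_pseudonym(digest: str) -> Optional[str]:
    """Undo naive_pseudonym by hashing every serial the format allows.

    10**6 candidates take well under a second; anyone who knows the format
    can build this table once and reverse every record they hold.
    """
    for n in range(10 ** DIGITS):
        candidate = f"{PREFIX}{n:0{DIGITS}d}"
        if hashlib.sha256(candidate.encode()).hexdigest() == digest:
            return candidate
    return None


def keyed_pseudonym(serial: str, key: bytes) -> str:
    """HMAC under a server-side secret: not enumerable without the key,
    but still one fixed token per device, so records stay linkable."""
    return hmac.new(key, serial.encode(), hashlib.sha256).hexdigest()


def per_day_pseudonym(serial: str, key: bytes, day: str) -> str:
    """Fold the day into the HMAC input: trips link within a day, not across days."""
    return hmac.new(key, f"{day}|{serial}".encode(), hashlib.sha256).hexdigest()


def link_records(records):
    """Group (pseudonym, day, place) rows by pseudonym.

    Whatever the token is, a stable one lets the holder rebuild each device's
    movement history, which is why the data remains personal data.
    """
    history = defaultdict(list)
    for pseudonym, day, place in records:
        history[pseudonym].append(f"{day}:{place}")
    return dict(history)


def longest_history(records) -> int:
    """Size of the largest per-pseudonym history in the data set."""
    return max(len(v) for v in link_records(records).values())


def demo() -> dict:
    key = b"operator-secret"  # constructed; in practice a managed secret
    # Constructed trip records: (serial, day, coarse place).
    trips = [
        ("TT123456", "2013-06-03", "home"),
        ("TT123456", "2013-06-03", "office"),
        ("TT123456", "2013-06-04", "home"),
        ("TT000042", "2013-06-03", "airport"),
    ]
    naive = [(naive_pseudonym(s), d, p) for s, d, p in trips]
    keyed = [(keyed_pseudonym(s, key), d, p) for s, d, p in trips]
    per_day = [(per_day_pseudonym(s, key, d), d, p) for s, d, p in trips]
    return {
        "recovered_serial": reverse_naive_pseudonym(naive[0][0]),  # "TT123456"
        "naive_linked": longest_history(naive),      # 3: all of TT123456's trips
        "keyed_linked": longest_history(keyed),      # 3: still all of them
        "per_day_linked": longest_history(per_day),  # 2: only the same-day pair
    }


if __name__ == "__main__":
    print(demo())
```

The keyed variant fixes only the reversibility problem; by the definition on the slide before ("data attached to unique identifiers") the records are still personal data, and the per-day derivation merely shortens how long a device can be followed. None of these transformations turn the archive into anonymous data.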
Can location data be anonymous?
Research indicates: hardly ever
Avoiding re-identification is key
TomTom has a strict code of conduct to adhere to privacy laws
• Historic trip archive only to be used for road, traffic and related purposes
• No access to raw data outside TomTom, ever
• TomTom performs processing
• TomTom ensures re-identification is impossible e.g. through sufficient aggregation
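An added example, not from TomTom or the talk, of why the trip archive needs aggregation before anything leaves the processing environment: with pseudonymous per-trip records, two points an adversary already knows about a person (the motorway exit they take at 07:00 and the square they park at by 08:00) single out that person's pseudonym and expose the rest of their trips, whereas releasing per-segment speed averages only where at least k distinct devices contributed carries no device tokens at all. The probe records, segment names and threshold are constructed.

```python
from collections import defaultdict
from statistics import mean

# Constructed probe records: (device pseudonym, hour of day, road segment, speed km/h).
# Devices, segment names and speeds are invented; the talk describes the
# archive only as anonymous location and speed measurements.
PROBES = [
    ("dev-a", 7, "A10-exit-5", 88.0),      # dev-a: motorway exit at 07:00 ...
    ("dev-a", 8, "Rembrandtplein", 22.0),  # ... parks in the centre by 08:00
    ("dev-a", 12, "Clinic-lane", 15.0),    # ... and makes a midday trip nobody else makes
    ("dev-a", 17, "A10-exit-5", 95.0),
    ("dev-b", 7, "A10-exit-5", 91.0),      # dev-b and dev-c share the exit
    ("dev-b", 8, "Dam", 18.0),             # but not the destination
    ("dev-b", 17, "A10-exit-5", 99.0),
    ("dev-c", 7, "A10-exit-5", 85.0),
    ("dev-c", 8, "Museumplein", 25.0),
    ("dev-c", 17, "A10-exit-5", 90.0),
    ("dev-d", 9, "Rembrandtplein", 20.0),  # dev-d is at the square, but an hour later
    ("dev-d", 18, "A10-exit-5", 97.0),
]


def single_out(probes, known_points):
    """Pseudonyms whose records contain every (hour, segment) the adversary already knows."""
    seen = defaultdict(set)
    for dev, hour, seg, _ in probes:
        seen[dev].add((hour, seg))
    wanted = set(known_points)
    return sorted(dev for dev, points in seen.items() if wanted <= points)


def trip_history(probes, dev):
    """Everything the archive holds about one pseudonym, once it has been singled out."""
    return [(hour, seg) for d, hour, seg, _ in probes if d == dev]


def aggregate(probes, k):
    """Per (segment, hour) mean speed, released only when >= k distinct devices contributed.

    Returns (released, suppressed). The released table carries no device
    tokens, and no cell is built from fewer than k drivers.
    """
    cells = defaultdict(list)  # (segment, hour) -> [(device, speed)]
    for dev, hour, seg, speed in probes:
        cells[(seg, hour)].append((dev, speed))
    released, suppressed = {}, []
    for cell, rows in cells.items():
        if len({dev for dev, _ in rows}) >= k:
            released[cell] = round(mean(speed for _, speed in rows), 1)
        else:
            suppressed.append(cell)
    return released, sorted(suppressed)


if __name__ == "__main__":
    # One known point: three candidates. Two known points: one candidate,
    # and the rest of that driver's day (the clinic trip) is exposed.
    print(single_out(PROBES, [(7, "A10-exit-5")]))
    print(single_out(PROBES, [(7, "A10-exit-5"), (8, "Rembrandtplein")]))
    print(trip_history(PROBES, "dev-a"))
    print(aggregate(PROBES, k=3))
```

The threshold k is a policy choice, not a cryptographic guarantee: it bounds how few drivers any published number can be traced back to. A longer aggregation window raises the per-cell device counts, so more segments clear the threshold at the cost of older measurements; a short window on a quiet road suppresses almost everything, which is the correct outcome for a cell that would otherwise describe one car.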
Figure: 1 month / 1 day
Lessons learnt
• It is about trust and credibility, not about privacy or laws:
  • “Anonymous”, “aggregated” is evasive terminology
  • Data given in good faith, used against me
  • Be prepared to explain and take action, even if that hurts
• Have your act together:
  • Avoid squirrel behavior – data minimization is key
  • Tell what you do with your users' data and stick to it
  • Be able to produce all relevant documentation very timely
  • Co-operate with privacy regulators, don't fight them
Recommendations
• Incorporate data protection requirements from the start
• Take a multi-disciplinary approach: it is about your “license to operate in the information society”
• Embed “privacy by design” into development processes
• Document your data: “what, why, when, who, where”
• Consider law enforcement/e-discovery implications
• Appoint a “privacy czar” in your organization