Challenges to Locational Privacy: The Transformation of Urban Mobility

Institute for Prospective Technological Studies (IPTS), ‘Security and Privacy for the Citizen in the Post-September 11 Digital Age: A Prospective Overview Report to the European Parliament Committee on Citizens Freedoms and Rights, Justice and Home Affairs’ (IPTS 2003) <ftp://​ftp.​jrc.​es/​pub/​EURdoc/​20823-ExeSumm.​pdf> accessed 12 September 2019.

Marc Langheinrich, ‘Privacy Invasions in Ubiquitous Computing’ (Workshop on Socially-informed Design of Privacy-enhancing Solutions in Ubiquitous Computing 2002) <http://​citeseerx.​ist.​psu.​edu/​viewdoc/​download?​doi=​10.​1.​1.​6.​6743&​rep=​rep1&​type=​pdf> accessed 28 August 2019.

Joint Research Centre of the Commission and the Institute for Prospective Technological Studies (IPTS), ‘Future bottlenecks in the information society’ (IPTS 2001) 104 <https://​op.​europa.​eu/​en/​publication-detail/​-/​publication/​9e10023b-b5da-45cb-b9bb-f05a0676322d> accessed 20 August 2019.

Indeed, the significance of the issue of location data and the subsequent triggers applied by the provisions of the EU legal instruments which confer the obligations incumbent upon data controllers and data processors to protect individuals’ privacy and right to data protection was highlighted very early on in the development of mobile communications networks. See further: Commission, ‘A comprehensive approach on personal data protection in the European Union’ COM (2010) 609 final.

Kristina Irion and Giacomo Luchetta, ‘Online Personal Data Processing and EU Data Protection Reform: Report of the CEPS Digital Forum’ (Center for European Policy Studies (CEPS) April 2013) 72 <www.​ceps.​eu/​wp-content/​uploads/​2013/​04/​TFR%20​Data%20​Protection_​0.​pdf> accessed 28 August 2019; Douwe Korff, ‘Data Protection Laws in the EU: The Difficulties in Meeting the Challenges Posed by Global Social and Technical Developments’ (2010) Kantor and Centre for Public Reform Working Paper 2 <https://​papers.​ssrn.​com/​sol3/​papers.​cfm?​abstract_​id=​1638949> accessed 12 September 2019.

Muhammad Shoaib and others, ‘Towards Physical Activity Recognition Using Smartphone Sensors’ (2013) IEEE 10th International Conference on Ubiquitous Intelligence & Computing 80 <https://​ieeexplore.​ieee.​org/​abstract/​document/​6726194> accessed 21 August 2019.

Jason Millar, ‘Core Privacy: A Problem for Predictive Data Mining’ in Ian Kerr, Valeria Steeves and Carole Lucock (eds), Lessons from the Identity Trail: Anonymity, Privacy and Identity in a Networked Society (New York, Oxford University Press 2009) 106. Similarly, Phillips underscores the primacy of behavioural monitoring as an objective of ubiquitous location tracking, identifying the abnormal from a background of normalcy: David Phillips, ‘Ubiquitous Computing, Spatiality, and the Construction of Identity: Directions for Policy Response’ in Ian Kerr, Valeria Steeves and Carole Lucock, Lessons from the Identity Trail: Anonymity, Privacy and Identity in a Networked Society (New York, Oxford University Press 2009) 310. In a similar vein, Gonzalez and others argue in their research that, in contrast with the random trajectories predicted of humans, our movements follow simple reproducible patterns and, as such, knowledge of the intrinsic similarity of our travel patterns could prove transformative the monitoring and predictive modeling of human mobility: Marta C Gonzalez, César A Hidalgo and Albert L Barabási, ‘Understanding individual human mobility patterns’ (2008) 453 Nature 779. Freiwald also asserts that cellular networks afford sufficient resolution in allowing for detailed inferences to be drawn relating to individual patterns of movement, noting that the short-term irregularity and imprecision of specific data points is adequately compensated for by the larger datasets of location data furnished over time: Susan Freiwald, ‘Cell Phone Location Data and the Fourth Amendment: A Question of Law, Not Fact’ (2011) 70 Maryland Law Review 731, 732. For further examples see also: Julie Cohen, ‘Privacy, Visibility, Transparency, and Exposure’ (2008) 75 University of Chicago Law Review 186. Refer also to Boyd and Crawford’s account of the issues of apophenia (erroneous pattern recognition), which advocates particular caution in relation to the processing of large datasets of personal data: Danah Boyd and Kate Crawford, ‘Six Provocations for Big Data: a Decade in Internet Time’ (2011) Symposium on the Dynamics of the Internet and Society 4, 5 <https://​papers.​ssrn.​com/​sol3/​papers.​cfm?​abstract_​id=​1926431> accessed 16 March 2020. See also: David Bollier, The Promise and Peril of Big Data (The Aspen Institute 2010) 13.

Cohen’s work on the relationship between networked information technologies and their propensity to shape and configure those using such systems is particularly insightful: Julie Cohen, Configuring the Networked Self: Law, Code, and the Play of Everyday Practice (Yale University Press 2012). Also see: Paul Ohm, ‘Changing the Rules: General Principles for Data Use and Analysis’ in Julia Lane and others (eds), Privacy, Big Data and the Public Good: Frameworks for Engagement (Cambridge University Press 2014). See further: Predrag Klasnja and others ‘Exploring Privacy Concerns About Personal Sensing’ in Hideyuki Tokuda and others (eds), Pervasive Computing (Springer 2009) 176-183. Refer also to: Shoshana Zuboff, ‘Big Other: Surveillance Capitalism and the Prospects of an Information Civilization’ (2015) 30 Journal of Information Technology 75.

Ionna D Constantiou and Jannis Kallinikos, ‘New Games, New Rules: Big Data and the Changing Context of Strategy’ (2015) 30 Journal of Information Technology 44.

For instance, Seidman asserts that the private sphere constitutes the diametric opposite to the public nature of government, within which citizens can freely develop their own individual, personalised relationships. See further: Louis Seidman, ‘Public Principle and Private Choice’ (1987) 96 Yale Law Journal 1026. Tene, in contrast, has contended that the private and public dichotomy has been irreversibly transformed, claiming citizens accept location being tracked and broadcast. See: Omer Tene, ‘Privacy: The New Generations’ (2010) 1 International Data Privacy Law 15. Refer also to Gary Marx’s discussion of conceptual borders and the capability of comprehensive monitoring to invade public and private spheres: Gary Marx, ‘Murky Conceptual Waters: the Public and the Private’ (2001) 3 Ethics and Information Technology 157.

See for example: Daniel Solove, ‘Reconstructing Electronic Surveillance Law’ (2004) 72 George Washington Law Review 1264, 1708 in which Solove asserts that: ‘Freedom is not just the absence of restraints; it is a mental state, a felt reality in both structure and sentiment.’ See also: Erving Goffman, The Presentation of Self in Everyday Life (Doubleday 1959) 75; Jason Millar, ‘Core Privacy: A Problem for Predictive Data Mining’ in Ian Kerr, Valerie Steeves and Carole Lucock (eds), Lessons From The Identity Trail: Anonymity, Privacy and Identity in a Networked Society (Oxford University Press 2009).

See for example the deliberations of the ECtHR in the following cases: Uzun v Germany App no 35623/05 (ECtHR, 2 September 2010); Liberty and others v United Kingdom App no 58243/00 (ECtHR, 1 July 2008); Peck v United Kingdom App no 44647/98 (ECtHR, 28 January 2003).

See for example Jerome E Dobson and Peter F Fisher, ‘Geoslavery’ (2003) Institute of Electrical and Electronics Engineers (IEEE) Tech and Society Magazine 48. Moreover, Shokri and others affirm the importance of understanding the broader impact of location data collection and processing, whereby ‘a trace is not only a set of positions on a map. The contextual information attached to a trace tells much about the individuals’ habits, interests, activities, and relationships: … the negative side-effects of insufficient location privacy are becoming more and more threatening’: Reza Shokri, ‘Quantifying Location Privacy’ (Security and Privacy IEEE Symposium, Berkeley CA, 2011) 247.

Wider-ranging concerns expressed by Novotny and Spiekermann have highlighted how developments in personal data processing may present risks to the fundamental rights of citizens: ‘Personal information is also the core of two facets that constitute humanity: identity and dignity … as more personal information is collected, used, packaged, and leveraged, more conflict arises around how people can retain control of their identities and protect their dignity’: Alexander Novotny and Sarah Spiekermann, ‘Personal Information Markets and Privacy: A New Model to Solve the Controversy’ (2012) <http://​ssrn.​com/​abstract=​2148885> accessed 28 August 2019.

This duality recalls the incisive observation of Brandeis argued in Whitney, whereby liberty must be valued ‘both as an end and as a means’. Whitney v California, 274 US 357 (1927).

We enact our identity by way of the selective preferences we exercise in the situational and spatial relationships within our respective environments. This elucidation of location privacy reflects our ability to move freely, which contributes toward the formation of identity, and assimilates both a spatial and informational dimension. See: Phillips (n 8) 306-308.

Solove (n 17).

Hildebrandt and others have contended that human rights enable the creation of a ‘sphere of individual autonomy or self-determination and in doing so, they protect individuals against excessive steering of their lives and doings; they contribute to the creation of the private sphere.’ See further: Future of Identity in the Information Society (FIDIS), ‘D7.4: Implications of Profiling Practices on Democracy and Rule of Law’ (FIDIS 2005) 13 <www.​fidis.​net/​resources/​fidis-deliverables/​profiling> accessed 24 August 2019. Taylor has asserted that autonomy relates to an individual’s integrity and identity, and the ability to exercise agency in defining one’s own behaviour and persona; Charles Taylor, ‘Responsibility for Self’ in Amélie Rorty (ed), The Identities of Persons (University of California Press 1976) 281-301.

See Further: Michael Levi and David Wall, ‘Technologies, Security, and Privacy in the Post-9/11 European Information Society’ (2004) 31 Journal of Law and Society 194.

See, for instance: Dara Hallinan, Michael Friedewald and Paul McCarthy, ‘Citizens’ Perceptions of Data Protection and Privacy’ (2012) 28 Computer Law and Security Review 263, 267.

See: Peter Swire and Kenesa Ahmad, ‘“Going Dark” Versus a “Golden Age for Surveillance”’ (Center for Democracy & Technology, 28 November 2011) <https://​cdt.​org/​insights/​‘going-dark’-versus-a-‘golden-age-for-surveillance’/​> accessed 20 August 2019.

Masa Galič, Tjerk Timan and Bert J Koops, ‘Bentham, Deleuze and Beyond: An Overview of Surveillance Theories from the Panopticon to Participation’ (2017) 30 Philosophy and Technology 9. See also: Jean Camp and Kay Connelly, ‘Beyond Consent: Privacy in Ubiquitous Computing (Ubicomp)’ in Alessandro Acquisti and others (eds), Digital privacy: Theory, Technologies, and Practices (Auerbach Publications 2008) 327-343; Michal Kosinski, David Stillwell and Thore Graepel, ‘Private Traits and Attributes are Predictable from Digital Records of Human Behavior’ (2013) 110 Proceedings of the National Academy of Sciences of the United States of America (PNAS) 5802.

Meints notes in this respect that not only is the accuracy of data questionable in many cases, but also that ‘the accuracy of linkage to a specific individual in the case of personal profiling. This can be a severe problem if a personal profile is created on basis of data which is only thought to belong to the specific person, but in fact belongs to others.’ Thus a profile that is assigned to a specific person may constitute a hybrid or, indeed, even be entirely constructed from another individual’s data: FIDIS (n 22).

Michael Gleeson, Stéphanie Faber and Caroline Egan, ‘ICO Raises Awareness of the Privacy Implications of the Internet of Things’ (Lexology, 2014) <www.​lexology.​com/​library/​detail.​aspx?​g=​99ea0f7c-5c18-4f2f-b98f-9f650f33fc40> accessed 20 August 2019.

David L Hall and James Llinas, ‘An Introduction to Multi-sensor Data Fusion’ (1997) 85 Institute of Electrical and Electronics Engineers (IEEE) 6; Richard Beckwith, ‘Designing for Ubiquity: The Perception of Privacy’ (2003) 2 IEEE Pervasive Computing 40, 43; Kaivan Karimi, ‘The Role of Sensor Fusion and Remote Emotive Computing (Rec) in the Internet Of Things’ (Freescale 2013) 6-7 <http://​perma.​cc/​FP82-HK55> accessed 12 September 2019.

Scott Peppet, ‘Regulating the Internet of Things: First Steps Toward Managing Discrimination, Privacy, Security, and Consent’ (2014) 93 Texas Law Rev 85.

It has been noted that IoT sensor data are so rich, accurate, and fine-grained that data from any given sensor context may be valuable in a wide variety of different information contexts. In this context, Peppet asserts: ‘The technical problem created by the Internet of Things is that sensor data tend to combine in unexpected ways, giving rise to powerful inferences from seemingly innocuous data sources … in a world of connected sensors, everything may reveal everything’, ibid 119.

Refer to, for example, Kitchen and Dodge’s discussion of the role played by public and private spaces in relation to their intersection with software and the creation of new spatialities of everyday life and new modes of governance and creativity: Kitchin and Dodge (n 23) 12-14.

The Oxford Dictionary takes discrimination in this sense to mean ‘the recognition and understanding of the difference between one thing and another.’ In contrast, discrimination may also constitute prejudicial treatment which involves denying opportunities to members of one group in favour of other groups: See: Oxford Dictionaries online (OxfordLanguages) <http://​www.​oxforddictionari​es.​com> accessed 20 August 2019. In this context, Tene and Polonetsky have highlighted how the meaning of the term ‘discrimination’ has become highly charged; the data mining of personal data collected by IoT sensors could be legitimate, where we may overlook the fact that entirely reasonable distinctions that differentiate and discriminate between persons may be justifiable, noting: ‘In our daily life, we draw distinctions (i.e., discriminate) all the time. A person sitting next to us on a plane is tall or short, agitated or relaxed, attractive or unattractive, young or old—there is an endless list of such adjectives; and our attitudes and actions towards that person will vary accordingly.’ See further: Omer Tene and Jules Polonetsky, ‘Judged by the Tin Man: Individual Rights in the Age of Big Data’ (2013) 11 Journal of Telecommunications and High Technology Law 351.

Indeed, in this regard efforts to determine whether and how statistical analysis may allow patterns of discrimination to be discovered in datasets is only at an early stage of research. See for example: P Priya and J C Miraclin Joyce Pamila, ‘Identification of Direct and Indirect Discrimination in Data Mining’ in Azami Zaharim and others, Recent Advances in Electrical and Computer Engineering: Proceedings of the 2014 International Conference on Circuits, Systems, Signal Processing, Communications and Computers (CSSCC ‘14) (Venice, Italy, 15-17 March 2014, Wseas LLC 2014); Salvatore Ruggieri, Dino Pedreschi and Franco Turini, ‘Data Mining for Discrimination Discovery’ (2010) 4(2) ACM Transactions on Knowledge Discovery from Data 1.

Peppet (n 38) 117.

The reflections provided by the WP29 on IoT are especially apposite in that agencies such as the European Data Protection Supervisor (EDPS) asserted at the early stages of development of IoT that the expert group’s interpretation and guidance on the application of existing laws and principles would constitute a requisite for sustaining a coherent approach. See further: European Data Protection Supervisor (EDPS), ‘Internet of Things: Ubiquitous Monitoring in Space and Time’ (European Privacy and Data Protection Commissioners’ Conference, Prague, 29-30 April 2010) 7 <https://​secure.​edps.​europa.​eu/​EDPSWEB/​webdav/​shared/​Documents/​EDPS/​Publications/​Speeches/​2010/​10-04-29_​Speech_​Internet_​Things_​EN.​pdf> accessed 28 August 2019.

For example, the WP29 has warned that the fundamental rights of citizens of the EU are at stake; it contends that the development of IoT raises ‘new and significant personal data protection and privacy challenges’ that ‘could go as far as developing a form of surveillance of individuals that might be considered as unlawful under EU law.’ The WP29 further cautions that ‘IOT raises important security concerns, where security breaches could entail significant privacy risks for the individuals whose data are processed in such contexts.’ Article 29 Data Protection Working Party (WP29), ‘Opinion 8/2014 on the on Recent Developments on the Internet of Things’ (2014) WP223.

In this context the EDPS, for example, affirmed that the combination of technological developments with ‘new global realities’ rendered applying the existing legal principles pertaining to data protection particularly challenging, principally on the basis that the Directive, it believed, had not accounted for such eventualities. Indeed, in this respect, rather curiously it asserted that such challenges might only partially ‘be solved by interpretation and flexibility’: EDPS (n 44).

See: Dave Evans, ‘The Internet of Things: How the Next Evolution of the Internet Is Changing Everything’ (CISCO Internet Business Solutions Group 2011) 4 <www.​cisco.​com/​web/​about/​ac79/​docs/​innov/​IoT_​IBSG_​0411FINAL.​pdf> accessed 28 August 2019.

Indeed, the former EU Commissioner for the Digital Agenda Neelie Kroes has asserted that the Internet of Things ‘is surrounded by a value system: as it comes so close to the heart of everyday life, social relations and daily services, it needs a broad societal consensus to fulfill its potential’, thus reaffirming the concern that the collection and processing of personal data relating to highly intimate aspects of citizens’ lives could portend enormous impacts on the rights to privacy and data protection. See: Neelie Kroes, ‘Bringing European Values to the Internet of Things’ (2nd Annual Internet of Things Conference, Brussels, 1^st June 2010) 2 <https://​ec.​europa.​eu/​commission/​presscorner/​detail/​en/​SPEECH_​10_​279> accessed 28 August 2019.

FTC, ‘FTC Seeks Input on Privacy and Security Implications of the Internet of Things’ (Federal Trade Commission, 2013) 13 <http://​www.​ftc.​gov/​policy/​public-comments/​initiative-484> accessed 12 September 2019.

The EDPS highlighted at an early juncture in the evolution of smart cities and IoT the inherent challenges to privacy and data protection presented by an environment in which every single action of objects and individuals can be monitored from a spatial and temporal perspective, reflecting what the agency foresaw as a ‘lack of “natural” limits which were preserving the privacy of the data subject so far.’ As such, the issue arises as to how effective limits may in fact be set in order that the availability of this powerful monitoring capability may be regulated effectively. See: EDPS (n 44).

Thomas Louail and others, ‘From Mobile Phone Data to the Spatial Structure of Cities’ (2014) 4 Scientific Reports 5276 <https://​doi.​org/​10.​1038/​srep05276> accessed 20 August 2019; Marta C Gonzalez, César A Hidalgo and Albert L Barabási, ‘Understanding Individual Human Mobility Patterns’ (2018) 453 Nature 779; Thomas Louail and others, ‘Uncovering the Spatial Structure of Mobility Networks’ (2015) 6 Nature Communications 1.