Chapter Preview
TopBackground
Mobile technology has come a long way in the last quarter of the century. In the 1980s, mobile phones could only be used for phone calls. Since then, the development of new electronic communications services led to the widespread usage of mobile phones. According to a recent survey in 2013 there were 6.8 billion total mobile subscriptions (International Telecommunications Union, 2013). A report published by ComScore highlighted that the number of smartphone users in the 5 EU countries (Spain, Germany, Italy, France and the UK) grew by 30 percent over 2012, reaching 136.2 million in the three-month average ending December 2012 (241m audience in total across all devices) (ComScore Data Mine, 2013). According to Kammala (2013) 85% of American adults own a cell phone while over half of them use their phones to access the Internet. The mobile ecosystem has changed in other ways, too. In the 1980s, the companies were just profiting from the manufacturing of mobile devices as well as the providing of cellular services.
Mobile Applications
Today mobile devices are used to access social networking sites, download and install mobile applications. It has been reported that more than 1,600 new apps are added to app stores daily (Kamala, 2013). According to ABI Research (2012) an average smartphone user downloads 37 apps. Fifty billion apps had been downloaded from App Store as of January 2013 (Statista, 2014). Apps are mobile applications for devices such as smartphones, tablet computers and Internet connected televisions, available via app stores designed to “serve a wide range of purposes including web browsing, communication (e-mail, telephony and Internet messaging), entertainment (games, movies/video, music), social networking, banking and location based services” (Article 29 WP Opinion 2/2013). The complexity of apps software in addition to the fragmentation between the different parties involved in the developing of apps create a particularly privacy pervasive environment. In European Union the main legal instrument to address privacy issues with regard to apps is the Directive 95/46/EC complemented by Directive 2002/58/EC as amended by Directive 2009/136/EC, the so-called e-Privacy Directive. With the aim to clarify the legal implications of apps so as to provide useful, although non-binding, guidance to all the parties of the app ecosystem who need to comply with European Law, Article 29 Data Protection Working Party issued the Opinion 2/2013 on apps on smart devices.
Key Terms in this Chapter
Personal Data: Personally identifiable information. Data linked to a person or to a mobile device or can identify a person via personal information or a device via a unique identifier.
Article 29 Working Party: Independent advisory body on data protection and privacy, set up under Article 29 of the Data Protection Directive 95/46/EC. It is composed of representatives from the national data protection authorities of the EU Member States, the European Data Protection Supervisor and the European Commission. The Article 29 Working Party is competent to examine any question covering the application of the data protection directives in order to contribute to the uniform application of the directives. It carries out this task by issuing recommendations, opinions and working documents.
Health Data: Any information, which relates to the physical or mental health of an individual, or to the provision of health services to the individual.
Location Data: Any data processed in an electronic communications network or by an electronic communications service having the capability to indicate the geographical position of the terminal equipment of a user in particular information regarding the latitude, longitude or altitude of the terminal equipment; the direction of travel of the user; or he time the location information was recorded.
Apps: Apps are software applications designed for a specific task installed at smart devices such as smartphones, tablet computers and Internet connected televisions.
Purpose Limitation: Personal data must be collected for 'specified, explicit and legitimate' purposes and not be 'further processed in a way incompatible' with those purposes.
Informed Consent: Means that the data subject must have the necessary information regarding the identity of the data controller who is processing their personal data and the right to know what type of personal data is being processed and for what purpose the data are intended to be used, in order to form an accurate judgment before consent to the process of the data.
Regulation: Is the most direct form of EU law - having binding legal force throughout every Member State, on a par with national laws.
EU Directive: Lay down certain end results that must be achieved in every Member State. National authorities have to adapt their laws to meet these goals, but are free to decide how to do so.