Tom tom - Location services and privacy | Simon Hania @ VINT symposium THINGS 2013
Published in: Technology, News & Politics
  • Animated, updated GSM, supersized image.
    • Range of different sources, to enable reliable traffic detection on all roads in all situations.
    • Quality of each source is important: precision of location (GPS better than GSM) and update frequency (logged every 2-5s, uploaded ~every 2 minutes).
    • LIVE PND are connected TomTom GPS navigation devices.
    • In-dash navigation currently limited to Europe (Renault, Fiat, Mazda).
    • iPhone data is only from users of the TomTom navigation application on the device, and GPS trace data is only passed to TomTom if the user subscribes to LIVE services and the device is docked in the TomTom holder.
    • Business solutions is the TomTom unit focused on connected products for fleet owners (delivery vans, maintenance cars, etc.).
    • 3rd party GPS data only used in selected countries (USA, South Africa & New Zealand).
    • GSM probes only active in 8 countries (notably not in USA).
    • Incident data = journalistic data describing the cause of the congestion / delay, e.g. accident.
  • Transcript

    • 1. Location services and privacy: Using geolocation in a trustworthy and compliant way. Simon.Hania@tomtom.com
    • 2. Trends that threaten trust
    • 3. Connected cars with downloadable apps. Location services, cloud, internet-of-things, big data
    • 4. Revolutionising navigation in 4 steps
      • 1. Base maps
      • 2. Map Share
      • 3. IQ Routes
      • 4. TomTom HD Traffic
    • 5. TomTom Traffic coverage: It covers up to 99.9% of all roads
    • 6. Creating TomTom HD Traffic: data sources. Range of high-quality real-time data sources
    • 7. TomTom's trip archive: Anonymous location and speed information from the TomTom user community
      • 5 billion (10E9) speed measurements per day
      • 5 trillion (10E12) speed measurements to date!
      • by customers driving 50 billion kilometres and visiting every spot over 1,000 times
    • 8. Travel times to hospital (London): based on real world measurements versus based on theoretical maximum speeds. The reality check that can help to save lives
    • 9. Origin/Destination analysis. Example: Trips with Frankfurt Airport as destination
      • Where are your customers coming from?
      • What routes do they take?
      • How many drivers are passing?
      • Etc.
      • Combine with other geo-based data sources for additional analysis
    • 10. Drivers, police & TomTom: An explosive mixture
    • 11. Location privacy is top of mind. With bloggers, press, regulators, enforcers, legislators and many users alike
      • TomTom investigated by leading European Data Protection Authority in 2011
      • TomTom’s use of location data is in accordance with EU Data Protection Laws
      • Processing and delivery to third parties 100% OK
      • Informing users needed to be more explicit, including opt-in
    • 12. Community input – with permission. We profile roads, not people
    • 13. How to enact? Nothing totally new, really (also used internally)
      • 1. Principles - is what everyone should know
      • 2. People - make the difference: good and bad
      • 3. Policies - are like high level requirements
      • 4. Projects - is where everything is put together
      • 5. Processes - is what we use to stay predictable
      • 6. Procedures - exist to avoid re-inventing wheels
      • 7. Paperwork - document everything properly
    • 14. TomTom & Privacy (also used internally)
      • Vision:
        • Community input (crowdsourcing) is strategic
        • Privacy helps to realize business objectives by ensuring trust
        • Privacy is integral part of business continuity above and beyond legal compliance
      • Principles:
        • 1. Avoid unpleasant surprises: customer insight is paramount; be open and explain – hesitation is an omen; keep it simple
        • 2. The customer remains in control of his personal data: we have it “on a loan”
    • 15. Privacy Policies, Standards & Guidelines: 7 key objectives (also used internally)
      • 1. We assess our intended use of PD early to drive requirements
      • 2. We document PD: purpose, legitimate ground, retention, access, jurisdiction(s)
      • 3. We ensure we have obtained or will obtain informed user consent
      • 4. We minimize the amount of PD (volume and time) and who has access: we de-personalize or destroy PD as soon as possible
      • 5. We keep ensuring adequate security measures based on risk assessment of confidentiality, integrity and availability
      • 6. We do not expose PD to any third party, unless the third party contractually agrees to comply with our policies (or law forces us)
      • 7. We enable the user to exercise his rights (information, access/download, correction, deletion)
    • 16. The 6 privacy questions (also used internally)
      • 1. What personal data are we processing?
      • 2. Why are we processing personal data?
      • 3. When can we destroy the personal data?
      • 4. Who will have access and will be accountable?
      • 5. Where will we process and store the personal data?
      • 6. Will we have a legitimate basis for processing?
    • 17. Privacy, amongst others, is about the protection of personal data (also used internally)
      • Personal data:
        • Contains (whatever) information relating to a natural (“real”) person
        • That person could be identified, directly or indirectly
        • Typically: data attached to unique identifiers
      • Anonymous only:
        • When no reasonable way exists to identify (“single out”) a person
        • Even when requiring correlation with other data sources (e.g. maps and phonebooks)
        • By anyone with the right resources
    • 18. Typical personal data misconceptions, very often present in technology companies (also used internally)
      • We do not identify the user while using the data, so we have no issues with privacy law
      • We only use the serial number of the user's device, so the data is anonymous and we have no issues with privacy law
      • We encrypt the data, so we are no longer using/receiving/sending personal data
      • We use hashes to replace all serial numbers, so the data is now anonymous and we have no issues with privacy law
      • We anonymize the data, so we are not using personal data
      • We can use the users’ data for anything we want, as long as we keep the data to ourselves
      • Look: big name companies are doing the same, so we are OK
    • 19. Can location data be anonymous? Research indicates: hardly ever
    • 20. Avoiding re-identification is key. TomTom has a strict code of conduct to adhere to privacy laws
      • Historic trip archive only to be used for road, traffic and related purposes
      • No access to raw data outside TomTom, ever
      • TomTom performs processing
      • TomTom ensures re-identification is impossible, e.g. through sufficient aggregation
      • (Figure labels: 1 month, 1 day)
    • 21. Lessons learnt
      • It is about trust and credibility, not about privacy or laws:
        • “Anonymous”, “aggregated” is evasive terminology
        • Data given in good faith, used against me
        • Be prepared to explain and take action, even if that hurts
      • Have your act together:
        • Avoid squirrel behavior – data minimization is key
        • Tell what you do with your users' data and stick to it
        • Be able to produce all relevant documentation very timely
        • Co-operate with privacy regulators, don’t fight them
    • 22. Recommendations
      • Incorporate data protection requirements from the start
      • Take a multi-disciplinary approach: it is about your “license to operate in the information society”
      • Embed “privacy by design” into development processes
      • Document your data: “what, why, when, who, where”
      • Consider law enforcement/e-discovery implications
      • Appoint a “privacy czar” in your organization
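
Slides 18 and 20 contrast hashing serial numbers (still personal data) with "sufficient aggregation". The sketch below is an added example, not code from the talk or from TomTom: it shows that hashed serials keep every record of a device linkable, and then profiles road segments while suppressing any segment seen by fewer than `k` distinct devices. The serials, segment names and the threshold `k` are constructed assumptions; the slides give no numbers.

```python
import hashlib
from collections import defaultdict

# Constructed sample probes: (device serial, road segment id, speed in km/h).
PROBES = [
    ("SN-0001", "A4-km12", 96), ("SN-0002", "A4-km12", 104),
    ("SN-0003", "A4-km12", 100), ("SN-0001", "Elm-Lane", 28),
    ("SN-0001", "Elm-Lane", 32), ("SN-0002", "A4-km13", 90),
    ("SN-0003", "A4-km13", 110),
]

def pseudonymize(serial: str) -> str:
    """Replace a serial number by a truncated SHA-256 hash (the slide-18 approach)."""
    return hashlib.sha256(serial.encode()).hexdigest()[:12]

def records_per_token(probes):
    """Count records sharing one hashed id: the token still singles out a device."""
    counts = defaultdict(int)
    for serial, _segment, _speed in probes:
        counts[pseudonymize(serial)] += 1
    return dict(counts)

def profile_roads(probes, k=3):
    """Mean speed per segment, with no device ids in the output.

    Segments seen by fewer than k distinct devices are suppressed, because a
    low-traffic segment (a residential street) can describe a single person.
    k is an assumed threshold, not a value from the slides.
    """
    speeds, devices = defaultdict(list), defaultdict(set)
    for serial, segment, speed in probes:
        speeds[segment].append(speed)
        devices[segment].add(serial)  # used only for the threshold check
    return {
        seg: sum(v) / len(v)
        for seg, v in speeds.items()
        if len(devices[seg]) >= k
    }

if __name__ == "__main__":
    print(records_per_token(PROBES))    # hashing alone: records stay linked
    print(profile_roads(PROBES, k=3))   # roads profiled, sparse segments dropped
```
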
