How do they know where I am?

Image from Unsplash

Geolocation data and how to use it

Have you ever wondered how certain companies know where you are? For example, when you search Google to find some good bagel spots, and it just so happens to recommend one that’s only five minutes from your house. Coincidence?

No. Of course not. But how do they know?

Well, the good news is, they’re not spying on you from the bushes – instead, they’re using the geolocation data sent from your device to personalise your browsing experience. By collecting information regarding your geographical location, the search engine can provide you a better, more relevant result.

So, if you run a business yourself and could benefit from tailoring your services to customers based in a specific area, then learning about geolocation data and how to responsibly use it could be a tremendous step up.

What is geolocation data?

Geolocation data, in a nutshell, is data that is taken from your device (such as your laptop or phone), and indicates that device’s location. A well-known example of this is IP addresses, which contain location information to make devices accessible for communication with each other.

While this data will ultimately help you satisfy your bagel cravings faster, it’s not all good news. As with processing any type of personal information, there are risks involved with geolocation data.

Image from Unsplash

What are the risks of geolocation data?

Firstly, the Information Commissioner’s Office (ICO) has stated quite clearly that the use of geolocation data in relation to children is a big concern. As it grants the ability to ascertain or track the physical location of a child, this then carries the risk that the data may be used for sinister purposes.

It’s also worth considering the mental health implications such processing may have on an individual. As technology evolves and surveillance practices threaten to become more invasive, geolocation data may leave people feeling ‘watched’. This has the potential to have some detrimental impacts on a person’s wellbeing, sowing distrust about whether their privacy will be safeguarded and upheld.

What does this mean in the realm of data protection?

Location data does fall into the category of personal data as set out in the UK GDPR.

Article 4 specifically includes location data in its definition of personal data. It states that personal data is “any information relating to an identified or identifiable natural person”. An “identifiable natural person” is defined as:

“…one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person”.

Interestingly, the United States takes a different approach to the categorisation of geolocation data to that of the UK. Under the UK GDPR, geolocation data does not form a part of special category data. This approach has been met with scrutiny in the US, despite there being some compelling arguments for why it should have a higher level of protection.

Image from Unsplash

Using geolocation data responsibly

It’s crucial to consider the risks associated with using geolocation data, and whether these risks are justified under the processing to ensure full accountability. As a part of this, a Data Protection Impact Assessment (DPIA) will be integral, and should the processing be implemented, you will need to ensure full transparency with data subjects.

How DPAS can help

To ensure that you process geolocation data (or other kinds of personal data) in a compliant manner, just give us a call.

At DPAS, our team of experts can work with you to complete any appropriate compliance documentation (such as DPIAs), conduct an audit of your organisation, support you with your policies and practices, and more. If you could benefit from a helping hand, you know where to find us.

Contact our team by calling 0203 3013384, emailing info@dataprivacyadvisory.com, or filling out a contact form.

Engage. Educate. Empower.

related posts

Mel

Looking back at 2024 for DPAS

As we reflect on another remarkable year, I want to take a moment to personally thank you for choosing DPAS. Your loyalty and trust drives us to continually deliver the highest-quality training and services for our clients.

Read More »

Get a Free Consultation