Text Hotspots is a joint venture between mobile phone services company Mobile Commerce and the celebrity gossip site PeopleNews.com. Vodafone users will be able to text certain words to a certain number and receive an SMS reply informing them of nearby celebrity hang-outs, together with directions from their current location.
The service includes an initial consent process to ensure that a user's location information is only requested from the Vodafone network in response to a valid service request. Also, Vodafone has not yet implemented exact positioning. The current degree of accuracy was not disclosed.
However, third generation (3G) mobile phones are expected to offer almost automatic location tracking, provided that operators adopt appropriate software for their networks. These technologies will locate a handset to within a range of 15 metres.
Many companies are expected to use location data in order to send targeted advertisements in the form of text messages to their customers (for example, special offers to anyone walking past a high-street store).
Privacy concerns have been raised by the combination of legislation that provides for the retention communications data – which includes location data – and legislation that provides for access to such data. The concerns are not only those of individuals and consumer groups. Telcos are faced with having to find a difficult balance between protecting the privacy of their customers under data protection laws and complying with new data retention and access rules.
The provisions that oblige telcos to retain communications data in the UK are found in the Anti-terrorism, Crime and Security Act, which was passed in December 2001. This law has not actually placed an obligation on telcos to retain data; it only authorises the Secretary of State to issue a voluntary code of practice. However, the Act also gives the government the power to issue mandatory directions, in the case that self-regulation is not successful. No voluntary code has yet been published.
According to the Act, communications data should only be retained for the purposes of prevention or detection of crime or the prosecution of offences related to national security. Such data can be obtained by law enforcement agencies without a court order.
However, another piece of legislation, the Regulation of Investigatory Powers Act (RIPA), gives a range of authorities the right to access the retained data for various reasons (including the assessment or collection of tax). A draft law to extend the list of authorities was recently withdrawn.
On the other hand, telcos are already obliged to comply with the provisions of the UK Data Protection Act 1998 which provides that they should not retain personal data for longer than necessary. If the retention of data under the Anti-terrorism, Crime and Security Act is regulated by a voluntary code of practice, telcos might find themselves in breach of the Data Protection Act. This is because a voluntary code of practice is not a legal obligation.