Location-Based Services Recommendations

Inspired by C. Enrique Ortiz' excellent recommendations on responsible location-based services application design, we offer our own recommendations:

  • Alert the user (replicates an Ortiz recommendation) that data is being collected - manage the privacy notice well
  • Give the user control (expands an Ortiz recommendation) over whether data is collected
    • For safety applications, turning location tracking off should be difficult, with lots of confirmations
    • For convenience applications, turning location tracking off should be easy
  • Ensure that there is a visual flag for ongoing data collection, particularly for background applications (especially important if your application obscures the device's status icons, but relevant regardless)
  • Protect the data (replicates an Ortiz recommendation)
    • Data on device should not be discoverable by other applications (a determined hacker can take apart the data on the device, so go ahead and encrypt it)
    • Data transmitted should be encrypted
    • Data stored on server should be protected

Ortiz also recommends against geo-fencing, the practice of automatically tracking and alerting (a server, usually) when a person enters or leaves a specific geographic region. He instead recommends passive monitoring, in which the device decides when to report to the server. His recommendation is generally good, but it is not valid for certain applications.

For example, a parent might indicate a specific area where her teen is allowed to be without any further permissions (for example, the mall, school, and surrounding area); in that case geofencing is the correct solution. A less controversial situation is asset tracking, particularly for service or delivery trucks. Active monitoring could be important to track the company's assets.

We have other recommendations based on the exact type of application you are developing. Examples include:

  • A voyage-based travel application should only monitor location during the trip itself - a few hours before the flight is scheduled to depart until the user has found his car upon return.
  • Coupon or discount or advertising applications should send location data only to the specific parties authorized to know the user's location. A specific restaurant for a lunchtime coupon application would not have permission, so don't give a specific user's identifying data to them. Restaurants could have access to aggregate data (number of users within the standard radius; number of users within the walking-by radius) - but you'd want to require that they actually deliver value to the users. Thus restaurants would have to send out a minimum number of coupons per week or month.
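
The aggregate-only release described for the coupon case can be sketched as follows. This is an added example, not code from the original post; the radius values, the coupon minimum, and all names and coordinates are assumptions made for illustration.

```python
import math
from dataclasses import dataclass

EARTH_RADIUS_M = 6_371_000
# Assumed numbers: the post names these limits but gives no values.
STANDARD_RADIUS_M = 1_000
WALKING_BY_RADIUS_M = 50
MIN_COUPONS_PER_WEEK = 5

@dataclass(frozen=True)
class Restaurant:
    name: str
    lat: float
    lon: float
    coupons_sent_this_week: int

def haversine_m(lat1, lon1, lat2, lon2):
    """Great-circle distance in metres between two WGS84 points."""
    p1, p2 = math.radians(lat1), math.radians(lat2)
    a = (math.sin((p2 - p1) / 2) ** 2
         + math.cos(p1) * math.cos(p2) * math.sin(math.radians(lon2 - lon1) / 2) ** 2)
    return 2 * EARTH_RADIUS_M * math.asin(math.sqrt(a))

def aggregate_report(restaurant, user_positions):
    """Return counts only. user_positions maps user id -> (lat, lon);
    neither ids nor coordinates are copied into the result."""
    if restaurant.coupons_sent_this_week < MIN_COUPONS_PER_WEEK:
        return None  # restaurant is not delivering value to users: no data
    distances = [haversine_m(restaurant.lat, restaurant.lon, lat, lon)
                 for lat, lon in user_positions.values()]
    return {
        "restaurant": restaurant.name,
        "users_within_standard_radius": sum(d <= STANDARD_RADIUS_M for d in distances),
        "users_within_walking_by_radius": sum(d <= WALKING_BY_RADIUS_M for d in distances),
    }

# Constructed sample data (not from the post).
USERS = {
    "user-a": (40.0002, -75.0),   # about 22 m away
    "user-b": (40.0050, -75.0),   # about 556 m away
    "user-c": (40.0500, -75.0),   # about 5.6 km away
}
ACTIVE = Restaurant("Example Diner", 40.0, -75.0, coupons_sent_this_week=8)
INACTIVE = Restaurant("Quiet Cafe", 40.0, -75.0, coupons_sent_this_week=1)

if __name__ == "__main__":
    print(aggregate_report(ACTIVE, USERS))
    print(aggregate_report(INACTIVE, USERS))
```

The report for the active restaurant contains two counts and its own name; the restaurant below the coupon minimum receives nothing.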

Other applications have other issues, and it is worthwhile consulting with an expert to ensure you are doing the right thing.


Comments

C. Enrique Ortiz on 14 December 2005 - 3:17p.m.

Hi Barbara. Thanks for the feedback. I like how you reworded the guidelines and what was added. Yes, I agree there are exceptions, but in general, geofencing should not be preferred, especially when tracking employees. If you don’t mind, I would like to incorporate your suggestions. The goal is to create some standard, achievable guidelines. Thanks.

ceo
