And that’s why I won’t be buying a GPS anytime soon.
Outrage over TomTom speed traps for motorists
TomTom Australia says it is planning to sell GPS data collected about its customers’ journeys to road authorities and private companies even after it was forced to apologise when that same data was used by Dutch authorities to set speed traps.
The revelations, revealed in The Australian Financial Review today, have caused outrage among privacy campaigners and lobby groups who believe it is now necessary for electronic devices to come with special stickers saying whether they are going to track your location and be sold to marketers.
But TomTom Australia’s vice-president of marketing, Chris Kearney, in a phone interview, rejected the privacy concerns and claims that TomTom was “tracking” users. He conceded TomTom was collecting real-time “timestamped GPS data” of users’ journeys but said there were no privacy risks because the data was decoupled from the individual users.
“It’s not useful on an individual basis – it’s only useful when aggregated,” Mr Kearney said.
Last month TomTom was heavily criticised for selling data to the Netherlands government, which used it to place speed traps and cameras in the most effective areas to catch motorists. Following public outrage, TomTom’s chief executive, Harry Goddijn, appeared on YouTube to apologise, saying he believed the data would be used to improve safety or relieve traffic bottlenecks.
Mr Kearney said TomTom was hoping to offer the data – which includes journey times, speeds and routes taken – to Australian organisations like the RTA and VicRoads in the second half of this year, although nothing had been confirmed. He said he would have to examine ways of preventing them from using it to set speed traps.
Mr Kearney said the data, which is already being sold by TomTom’s licensing arm in Europe and the US, would also be useful for marketers to see where cars slow down in order to optimise billboard placements. It could also be used by commercial property developers.
“It’s not active for Australia yet although we do have the base data,” he said.
“The Privacy Act does not prevent the on-selling of personal information but where this does happen it must be done in accordance with the Act,” said Pilgrim.
“Even though the type of data collected such as speed, travelling times etc. on its own may not be considered personal information, this type of activity does raise the issue of data aggregation where pieces of individual data can be put together to build up a profile.”
In the Financial Review’s story the Australian Privacy Foundation said it would be easy to trace the data back to individual customers, even if TomTom claimed it only used aggregated, anonymous data.
However, Mr Kearney rejected this and said it was impossible to trace it back to individuals. He added that users were asked for confirmation before the data was collected and could opt out at any time.
“A vast majority of TomTom users grant TomTom the permission [to]collect road speed data. In doing this they allow TomTom to better understand road congestion and to deliver a better navigation solution back to users,” he said.
The issue comes after Apple and Google faced heat over their practices of tracking smartphone users’ locations. However, virtually every portable device with the ability to get online – such as Amazon Kindle devices with 3G connectivity – are now capable of tracking user locations.
Data on users is now where the money is in the high-tech world – evidenced by the fact that data-rich companies such as Facebook are being valued at tens of billions of dollars.
“TomTom’s move is really alarming. You think you’re buying a device or using a service, but what you’re really doing is providing details about your life to a company that can then sell on the open market to the highest bidder,” Colin Jacobs of Electronic Frontiers Australia said.
Mr Jacobs questioned whether it was necessary for TomTom to sell user data to remain in business given that customers were already paying for its GPS devices and services.
“I’m starting to think that we’re going to need to label every electronic item with a special sticker saying whether it’s going to track your location and sell it to marketers or not,” he said.
David Vaile, executive director of the University of NSW’s Cyberspace Law and Policy Centre, called on TomTom to authorise an “independent technical analysis” of its data collection practices by an outside authority.
“This apparent abuse of trust and export of location data potentially breaches the Privacy Act,” he said.
“This only protects them if the customer knows what the operator is doing, and the operator is frank about it – you cannot authorise what you are not aware of,” he said.
“If TomTom have not fully disclosed what they intend to do (for instance, by implying wrongly that the location data is not to be resold; or what is to be resold is not ‘personal information’, in the sense that the user’s identity cannot reasonably be ascertained, when it can be in practice from various device or network tags, logs or metadata), then the use may be ‘unauthorised’, and if so this could potentially open the way to significant criminal liability.”
TomTom’s main rival, Garmin, said it tracked customers’ “location, speed and direction when the device is in use”, and the data was sent back to Garmin when users connected their device to their computer. However, Garmin said it did not sell the data to any other companies and users could opt out.
“The use of this data is limited to developing and providing Garmin customers with improved routing information only,” Garmin said.