The increased prevalence of location based services has raised a number of socio-technical issues, especially in respect of the privacy expectations of individuals. Although there have been assessments of the regulatory environment regarding location based services, the research presented in this article engaged key government agency stakeholders, rather than end-users. In doing so, it provides a contribution that complements the work with end users provided by others. The article also considers the policy context for location based services regulation. It does this by describing the policy-making processes in Australia in order to provide a context for the views of government agency stakeholders. The article analyses official statements received from privacy-related and emergency-related government agencies in Australia in order to assess stakeholder views.
Location Based Services (LBS) are services which use information about the location of one or more service elements in their operation. LBS are becoming ubiquitous. Some of these services are apparent as they are associated with the provision in an active device of location enabling technology. These enabling technologies include global positioning system satellite receivers as well as the use of known WiFi services to provide geolocation information. Passive devices can also form part of a location based service. For example, a credit card does not have location enabling technology. However, when a credit card is used for a transaction, the location of the credit card user is often known from the location of a store, the global positioning system from a card reader or a location associated with an Internet Protocol address for electronic commerce transactions. It is in the context of this ubiquity that this article looks at the regulation of Location Based Services from the point of view of government agencies.
The perspectives of government agencies are critical to decisions that create any regulatory environment. In the case of location based services, there are multiple stakeholders in the sector that is broadly described as “government”. This article focuses on privacy-related and emergency-related government agencies at a Federal and State level in Australia.
1.2. Approaches to LBS
LBS are commonly termed location services, location-aware services and/or location-related services due to their development and use in a variety of industries and by diverse communities, and are also classed context-aware applications (Küpper, 2005; Zhu et al., 2010). As Bauer et al. (2005) state, noteworthy features of LBS include “mobility, ubiquity and personalization.” Various definitions of LBS are available, given the multiple means associated with classifying LBS, and the myriad of application areas serving specific types of customers/user groups. Valuable definitions are provided in the associated literature (Astroth, 2003; Giaglis et al., 2003; Jacobsen, 2004; Küpper and Treu, 2010; Lopez, 2004; Shiode et al., 2004; Spiekermann, 2004).
The study of LBS regulation requires technical, social and environmental considerations. The technical considerations include the technologies upon which LBS are built. However, technical considerations are not technologically determinative especially if LBS is regarded as “disruptive” (Danneels, 2004). Rather, they depend on the stakeholders involved in the development and delivery of LBS applications. In turn, the stakeholder positions will also be influenced by the current and projected state of the industry. As an example, the value chain in LBS is described as having many operational actors (Küpper, 2005). The use of LBS has the potential to raise ethical issues. That is, there are ethical issues associated with the use of knowledge about the location of individuals and particularly individuals who are ‘at risk’. The literature refers to these as the socio-ethical dilemmas, associated with LBS. Several authors review these socio-ethical challenges (Elliot and Phillips, 2004; Michael and Masters, 2006; Michael et al., 2006; Perusco, 2006; Perusco and Michael, 2007). Environmental, including regulatory, considerations relevant to LBS are influenced and uniquely shaped by factors such as cultural, political and economic conditions and the outcome in a specific regulatory environment such as that in Australia (Abbas et al., 2013). This leads to a contested literature (Barreras and Mathur, 2007; Cho, 2005; Clarke and Wigan, 2011). This article does not address the issues from the perspective of users of location based services (Constantiou et al., 2014; Zhou, 2011). Instead, this article adds to those contributions by providing the views of government stakeholders.
As the survey of theories and methods of previous work set out above demonstrates, there is an opportunity to provide insights by considering the distinct and individual perspective of government stakeholders. The motivation behind the work is to help build a holistic view of the LBS sector. In the context of the technical, social and environmental considerations pertaining to LBS, the government stakeholder influence on regulatory discussions and debates is crucial. Government stakeholders are likely to be drivers of the policy context of LBS socio-technical systems embedded within a wider social context.
1.3. This article
The article begins by looking at approaches to location based services. The next section provides the policy-making context that is faced by government agencies in their dual role of both contributing to regulatory settings and working within those settings. This article provides a qualitative analysis of the official statements received from privacy-related and emergency-related government agencies. It also examines the privacy-related and emergency-related themes and sub-themes identified by government agencies. It ends by drawing some conclusions.
2. Context – the policy cycle
A useful model of policy formation and implementation is that Australian public policy is derived from “structured interaction” (Maddison and Denniss, 2009). This is an emerging approach, which diverges from the traditional government-dominated view, to incorporate multiple stakeholder perspectives and competing interests in making policy decisions. These decisions can include both action and deliberate inaction and depending on the desired outcome, a particular route is taken (Fenna, 1998). To aid in formulating policy, Bridgman and Davis (2004) suggest that policies be regarded as “theories about the world”, the success of which is reliant on careful design. This is a perspective shared by Fenna (1998) who asserts that theory is central to public policy examination. In effect, this structured interaction is another lens on the more general approach of evidence-based policy (Head, 2008; Michael and Michael, 2008), set out in more detail in Section 2.3below. There are practical constraints to this approach to policy. One is consistency in policy formulation determined by a “whole of government” or “joined up analysis” approach referred to by Marsden (2001) in the context of technology regulation.
Policy-development can be accomplished through the use of differing processes depending on the nature of the issue at hand (Fenna, 1998) and in a flexible and responsive manner (Bridgman and Davis, 2004). However, “there are constants in good policy making – an intellectual rigour about issues, a commitment to procedural integrity and a willingness to experiment and learn through implementation and adaptation” (Bridgman and Davis, 2004). A theoretical model, relevant to this research, is the Australian Policy Cycle, established by Bridgman and Davis (2004) and displayed in Fig. 1. Collectively the stages within the cycle, explained in Table 1 are intended to encourage articulation of the given problem, collection of evidence and perspectives, selection of a particular decision, implementation of an action plan, and appraisal of the aforementioned stages resulting in recommencement of the cycle and further iterations (Bridgman and Davis, 2004).Fig. 1. Australian Policy Cycle adopted from Bridgman and Davis (2004, p. 26).
2.2. Criticisms of the policy cycle model
The policy cycle model has often been criticised for its linear treatment of stages, a characteristic that does not reflect reality in that some stages may in actual fact be overlooked. It also omits an explicit risk analysis step, although this may form part of consultation and coordination. It has also been criticised for a lack of clarity in relation to the applicability of the approach, disregard for the factors driving policy through the respective stages, in addition to other criticisms (Maddison and Denniss, 2009). The authors also express the importance of understanding the cycle as a model and not a theory, as it does not offer an understanding of causality, but rather serves as a descriptive or explanatory instrument (Maddison and Denniss, 2009). Bridgman and Davis (2004) acknowledge these shortcomings, that applying “a policy cycle creates artificial expectations of a reliable, predictable policy world”, but insist that there are shared aspects in all policy-making processes and that the defined policy cycle is a feasible investigative tool. Furthermore, Bridgman and Davis (2004) contend that successful policy will entail moving through all stages of the cycle, not necessarily in a sequential fashion and not for uncomplicated policy issues. Nonetheless, the analytical value of Bridgman and Davis' policy cycle is evident in its accessibility as a working model. As a model, it attempts to offer tools to simplify, comprehend and identify the stages in the responses to complex policy issues.
One of the problems with the policy cycle model is that is highly idealised and does not reflect the experience of the development of real policy in Australia. Empirical work on the development of policy in Australia and in similar countries such as Canada finds that the trigger for policy action is the failure of policy inaction. This is sometimes characterised as a system failure (Dodgson et al., 2011). Perhaps this is best summarised using the aphorism “if it ain't broke, don't fix it”. The determines that there is a system failure or, at least, the perception of a system failure can come from sources outside the policy setting groups and is often a political input.
This position is supported in different contexts by the literature. Dodgson et al. (2011)identify system failure (as opposed to market failure) as trigger for policy introduction in innovation policy in Australia. The authors also contribute by identifying the importance of systemic connectivity in particular by reference to Nill and Kemp (2009). This complexity and evolutionary analysis supports the view that policy changes will be initiated once a tipping point is reached and the work by Dodgson et al. (2011) provides empirical support for this view. Adams et al. (2015) express that formation of policy is triggered by problems “people trying to work out what they should do about a problem”. In Canada, Howlett et al. (2014) point out that there are differences in the way that policy is analysed, depending upon who is doing the analysis supporting the “fixing a problem” perspective. Turnpenny et al. (2009) provide a comprehensive literature survey on policy analysis arguing the absence of definitive texts on the subject. There are still some issues with this approach including determining who is responsible for identifying the problem. In this context, it is important to recognise that there are substantial differences in the power of the various government stakeholders. This power includes institutional and market power, as well as the capacity to influence perceptions and shape debate.
The effect is that the policy cycle model is an idealisation of policy development and a useful tool for identifying the elements of policy introduction. However, it is limited as a method for determining when policy will be designed or implemented.
2.3. Evidence-based policy-making
A pertinent challenge in the Australian government domain is the process of evidence-based policy-making. Michael and Michael (2008) define evidence-based policy as “an approach to decision-making in government which stipulates that [the] policy-setting should be based on objective evidence.” The process denotes the shift from decision-making founded on opinions, theories and theoretical models to choices derived from evidence (Edwards et al., 2009). Evidence based policy-making thus involves the introduction of systems and techniques that incorporate evidence into all stages of the policy-development process, with the intention of being “receptive” to all types of evidence and data (Banks, 2009), in an attempt to avoid the situation in which evidence is gathered to suit a particular policy. According to Banks (2009), engaging in this form of policy-making requires a suitable methodology to be adopted, the characteristics of which include: (a) testing a theory or proposition which clearly demonstrates how the policy will serve general public interest, (b) considering “what would happen in the absence of any action”, (c) investigating both direct and indirect effects, and providing a measurable and replicable model for use by others. However, Banks (2009) does not provide an insight into the trigger for evidence-based policy-making.
The intention of evidence-based policy-making is to “improve the reliability of advice concerning the efficiency and effectiveness of policy settings and possible alternatives” (Head, 2009). The approach should be proactive in addressing negative and exploiting positive forces that may have a bearing on society through the generation and provision of “quality information” to inform the decision-making process and empower those stakeholders responsible for making decisions (Michael and Michael, 2008). Additionally, it should incorporate and draw on diverse sets of information from scientific, political, professional and institutional sources (Head, 2009). Head (2008) maintains that these sources provide varying lenses through which policy options can be scrutinised.
The development of evidence does not necessarily imply that policy changes will be initiated as a direct outcome of such knowledge (Chapman, 2009). Irrespective of the data collection method utilised and limitations inherent in the public policy or political realms, a prerequisite for evidence based policy-making remains quality data, analytical competencies and political backing (Head, 2009). Perhaps the most critical issue with evidence-based policy is that “Policy decisions emerge from politics, judgement and debate, rather than being deduced from empirical analysis” (Head, 2008).
One other issue that arises from both the policy cycle and evidence-based policy-making is that there is no explicit requirement for transparency to be an aspect of the resultant policy. Further, unless a specific consumer group is identified as a stakeholder, transparency may not be an input to the policy-making process. Instead, the policy outcome is likely to be characterised by a series of inter-related stakeholder positions where no stakeholder can improve their position without another stakeholder being made worse off. That is, the stakeholder position is Pareto efficient (Pareto, 1971) and represents a weak Pareto optimality (Warburton, 1983). The absence of transparency is possible in a Pareto efficient policy outcome and this is consistent with Amartya Sen's comment that “a society or an economy can be Pareto-optimal and still be perfectly disgusting” (Sen, 1970, 22).
2.4. LBS and evidence-based policy-making
With respect to emerging technologies, research has suggested that such technologies can indeed aid in evidence-based policy-making. For instance, a European Commission report claims that social computing applications, such as social networking services, enable the active involvement of citizens in political discussions by facilitating the collection of evidence that will help define/solidify public opinion and improve regulatory processes (Ala-Mutka et al., 2009). An alternative view posits that new technologies are often deployed without due process and the development of appropriate evidence in favour of or against their implementation (Michael and Michael, 2008). The consequences include lack of consideration of technological potential and risks, a major challenge that this investigation seeks to address through its examination of the socio-ethical challenges pertaining to LBS. It is in the context of this policy cycle that Australian government stakeholders in LBS were engaged. Although the research method that was used and is set out in the next section was influenced by the policy theory set out in this section, there are a number of areas where the policy literature does not provide guidance at the level anticipated by the authors.
3. Research method
In order to understand the views of government stakeholders on the LBS, two specific areas, which were likely to create policy issues, were chosen. These were the privacy-related and emergency-related aspects of LBS. The rationale for this selection was that the two aspects had been identified in earlier work with users and vendors as being most likely to be critical to government stakeholders.
Using the Australian Government Portal and other relevant government websites, the major privacy-related and emergency-related government agencies across Australia were identified. Table 2 presents the four major privacy-related government agencies in Australia with one at the Federal level and three at the state and territory level.
Table 3 identifies the nine major emergency-related government agencies in Australia with one at the Federal level and eight at the state and territory level.
3.2. Research method adopted
Australian government agencies generally have internal processes for responding to research requests for information. As such, a formal request for statement/interview letter, addressed to the relevant minister or ministerial staff was the most appropriate option for correspondence and engagement. This letter provided background information and the areas of research interest. These areas of interest were:
(a) general sentiments regarding LBS and the manner in which they related to the stakeholder in question;
(b) details of policies, codes, regulatory provisions, and/or legislation applicable to LBS;
(c) explanation of any policy initiatives concerning LBS that had been or were expected to be engaged in by the stakeholder;
(d) perspective of participants regarding LBS-related issues, specifically in cases where the regulatory provisions were thought to be lacking; and
(e) supplementary comments relevant to the agency.
The letter additionally also requested that participants respond through a formal statement or oral interview. To achieve consistency, packs were sent to the relevant government agencies requesting an official statement or interview. Each pack contained:
(a) the request for statement/interview letter;
(b) a discussion paper intended to information participant responses;
(c) a participant information sheet; and
(d) a consent form.
Once responses were returned from the privacy-related and emergency-related government stakeholders, the data were analysed using thematic analysis. The intention was to produce a rich narrative that represented the position of relevant government stakeholders. The thematic analysis process used the official statements and/or interviews verbatim. This maintained the context in which statements were made in order to avoid misrepresentation of interests.
Twenty-five requests for statement letters were distributed to different people at thirteen agencies identified in Tables 2 and 3. Ten responses were received from five of these agencies between October 2010 and March 2011. The response from the OAIC was received in November 2010. The responses were in the form of official statements and were varied in level of detail. They ranged from comprehensive statements addressing all areas of interest defined in the letter, through to responses declining participation in the study. For the purposes of this article, a response is defined as any reply, including those declining participation, as they later could indicate that the topic is not of high priority for the given agency.
4.1. Responses from government agencies
Three responses were received from privacy-related government agencies. Two were from the Office of the Information Commissioner (Federal) and one from Privacy NSW (State). The Office of the Information Commissioner provided a statement responding to the initial letter. Additionally, the Office submitted a detailed follow-up in reply to questions seeking further clarification and specific details relating to the Privacy Act 1988 (Cth).
Seven responses were received from emergency-related government agencies. Two were from Victorian agencies (the Victoria State Emergency Service and the Department of Justice Victoria), three from the Queensland Department of Emergency Services/Community Safety, and two from the South Australia Fire and Emergency Services Commission (SAFECOM).
The Victoria State Emergency Service officially declined participation in this research, stating that they “will not be participating due to other priorities at this time”. The Department of Justice Victoria, in contrast, returned an official statement outlining present initiatives while claiming that further participation in this investigation was not viable given current projects. The three responses received from the Queensland Department of Emergency Services/Community Safety were:
(a) an acknowledgement letter reporting that a response was to be formulated;
(b) an official statement on behalf of the Department describing initiatives in Queensland and providing details of an additional contact in the Department of Community Safety; and
(c) a follow-up response from the Department of Community Safety noting that “all available information regarding emergency services use of LBS” had been supplied in the official statement provided earlier.
The two responses returned from the South Australia Fire and Emergency Services Commission (SAFECOM) included:
(a) an acknowledgement letter on behalf of the Minister; and
(b) an official statement describing the role of SAFECOM and deferring the enquiry to the Department of Justice Victoria.
4.2. Privacy-related themes
The responses returned from privacy-related agencies were comprehensive in their coverage of relevant legislation, largely dealing with various aspects of the Privacy Act 1988 (Cth) at the Federal level, and privacy, health records, surveillance devices and workplace surveillance legislation at the State (New South Wales) level.
The Office of the Australian Information Commissioner (OAIC) described their organisation as
“an independent agency with functions relating to freedom of information (FOI), privacy protection (including in the private sector) and information management policy across the Australian Government”.
The Office has participated in various inquiries relevant to LBS, such as the Senate Inquiry into Online Privacy Protection which addressed issues related to location-based social networking applications (Office of the Privacy Commissioner 2010). The OAIC offered a detailed response comprising the initial reply and comprehensive follow-up, which covered the applicability of the Privacy Act to LBS in the Australian context. The collective response was intended for “advisory” purposes only, rather than being in any way formal or “legally binding”.
The Federal agency explained their role in relation to the Privacy Act:
“The OAIC is now the national privacy regulator for the Privacy Act 1988 (Cth), including complaint-handling, policy advice and education functions [this was previously the role of the Office of the Privacy Commissioner, which was integrated into the OAIC during the course of this study, on 1 November 2010]. The Privacy Act applies to the handling of ‘personal information’ (where an individual's identity can be worked out) held by Australian Government agencies and many private sector organisations. Where individual identities are not apparent, or not reasonably ascertainable, the Privacy Act does not apply to the information.”
The OAIC claimed that privacy was a significant and “primary consideration” associated with LBS usage, explaining “responsible use should take into account community expectations around the handling of personal information.” In reply to a set of specific questions, the OAIC then addressed various aspects associated with location privacy, information disclosure and storage, covert use of location information, carrier responsibilities and warrants, in addition to prospective privacy reforms.
4.2.1. Location privacy
In understanding the concept of location privacy, it is valuable to consider location information as a subset of personal information. According to the OAIC:
“[s]ection 6 of the Privacy Act defines personal information as: ‘. . . information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion.’”
The OAIC further explained that: “Personal information can include medical records, bank account details, photos, videos, opinions, and information concerning an individual's location – basically, any information where an individual is reasonably identifiable.”
The government agency explained that location information may not necessarily be covered by the Privacy Act in all instances:
“If an individual's movements are being tracked or monitored by organisations, such as the providers of targeted advertising and the identity of an individual can be reasonably ascertained from information collected by the organisation, the Privacy Act may apply. However, in many cases the information handled by organisations in these circumstances may not meet the definition of personal information under the Privacy Act.”
In cases where location information is covered, the OAIC pointed to the then applicability of the Information Privacy Principles (IPPs) and the National Privacy Principles (NPPs). In relation to the Information Privacy Principles, the Federal agency noted that:
“The Privacy Act 1988 (the Privacy Act) regulates the handling of personal information by Australian, ACT and (from 1/1/2011) Norfolk Island government agencies and certain private sector organisations. Section 14 of the Privacy Act contains a set of eleven Information Privacy Principles (IPPs) which are the base line privacy standards which the Australian, ACT and Norfolk Island government agencies need to comply with in relation to personal information kept in their records.”
Regarding the National Privacy Principles, the OAIC stated that: “Schedule 3 of the Privacy Act has ten National Privacy Principles (NPPs) which are the base line privacy standards which apply to all large businesses, all health service providers and some small businesses and non-government organisations. If an agency or organisation breaches the Privacy Principles, the Office of the Australian Information Commissioner (OAIC) may investigate the matter. Individuals can also make a privacy complaint to the OAIC about an agency or organisation if they think their information has been mishandled.”
The Privacy Principles do not account specifically for location privacy, as they are general in their coverage and are not focused on a particular technology, as explained:
“The Privacy Principles are not prescriptive and generally do not refer to certain types of information handling such as location privacy. Rather, they offer principles about the way in which personal information should be handled, and each agency or organisation needs to apply those principles to its own situation. This ensures the Privacy Act remains sufficiently flexible and technology-neutral to encompass changes in the way that information that identifies an individual is collected and handled.”
4.2.2. Information disclosure and storage
The OAIC claimed that under NPP 2.1, personal information can only be provided for a number of functions:
“the primary purpose for which it was collected; a directly related purpose that the individual would reasonably expect; or another purpose with the individual's consent.” However, there are exceptions which include the legal requirement/authorisation to disclose/access information, in addition to the information being “necessary to lessen or prevent a serious and imminent threat to life, health or safety (or a serious threat to public health and public safety).”
Upon accessing the necessary information, there are additional provisions in place regarding information de-identification, storage and deletion in that:
“NPP 4.2 states that an organisation must take reasonable steps to destroy or permanently de-identify personal information if it is no longer needed for any purpose for which the information may be used or disclosed under NPP 2.”
The above provisions also apply to location information that fall within the category of personal information, and are only applicable to location information that can be utilised to identify individuals, and not all forms of location information. For example, an LBS which locates a consumer without specifying the name of that consumer would not necessarily be personal information. However, if that location information could be readily used to identify the name of that consumer it may be personal information.
4.2.3. Covert use of location information
In relation to the covert collection of location information, the OAIC advised that:
“NPPs 1.3 and 1.5 require an organisation collecting personal information to take reasonable steps to ensure that individuals know who collects personal information about them, the purpose of collection and what happens to the information after it is collected. This helps give individuals some control over information about themselves and helps protect against personal information being used covertly. It should also be noted that if an individual is acting in a private capacity using location information covertly, the Privacy Act will probably not apply because it does not cover the handling by individuals of other people's personal information (except in some specific situations in relation to tax file numbers, credit reporting information, individual healthcare identifiers etc). Generally, the Privacy Act provides protections against the mishandling of information by government agencies and organisations.”
4.2.4. Carrier responsibilities and warrants
The OAIC also addressed the question of secure storage and the responsibility of carriers according to the NPPs:
“Carriers or service providers who are not storing location or mobile records securely, or distributing the information without a warrant would be at risk of breaching NPPs 4 and 2 and possibly other legislation . . . NPP 4.1 provides that an organisation must take reasonable steps to protect the personal information it holds from misuse and loss and from unauthorised access, modification or disclosure. Not adhering to NPP 4 has the potential to increase the risk of unauthorised handling of personal information. Data security is an important way of ensuring that personal information is only used for permissible purposes. In deciding what are reasonable steps to ensure data security will depend on the circumstances in which personal information is held . . . NPP 2 outlines how organisations may use or disclose individual's personal information. NPP 2.1(g) permits use or disclosure of personal information for a purpose other than the primary purpose of collection where it is required or authorised by law.”
The law referred to here is related to Commonwealth, State and Territory and common law. An organisation must disclose information if stipulated in the law or if a warrant exists. A privacy breach occurs in situations where organisations provide information illegally, as described in the following excerpt from the OAIC:
“If the law does not authorise the organisation to use or disclose personal information, and the organisation does so anyway, it will be breaching the NPPs, which is an interference with privacy of an individual under section 13A of the Privacy Act.”
The OAIC elaborated on the need for judicial warrants to grant access to location information by law enforcement personnel, as justified below:
“Generally, the authority to access personal information for law enforcement purposes should be dependent on judicial authorisation. Proposals for law enforcement measures with significant effects on privacy should be necessary, effective, proportional, the least privacy invasive option, and consistent with community expectations.”
The Federal agencies explained the need for achieving a balance between individual privacy and public interest:
“The OAIC seeks to balance the privacy of individuals with the public interest in law enforcement and the regulatory objectives of government and has developed a framework (the 4A framework) to assist government agencies consider privacy in their legislative measures specifically relating to new law enforcement or national security powers.”
The intention of the 4A framework “is to bring balance and perspective to the assessment of proposals for law enforcement or national security measures with significant effects on privacy.” The framework includes the following stages: “careful analysis . . . to ensure the proposed measure is necessary, effective, proportionate . . .”; “authority by which the measure is implemented should be appropriate to its privacy implications”; “implementation of the measure should be transparent and ensure accountability”; and “periodic appraisal of the measure to assess costs and benefits.”
Additional laws are pertinent to carriers. In particular, carriers must abide by the applicable Commonwealth telecommunications legislation. The OAIC asserted that:
“[t]he Telecommunications Act 1997 (Cth) contains a number of provisions dealing with the privacy of personal information held by carriers, carriage service providers and others. Part 13 of the Act sets out strict rules for carriers, carriage service providers and others in their use and disclosure of personal information.”
The government agency noted the applicability of this legislation to the OAIC:
“The Information Commissioner has the role under the Telecommunications Act of monitoring compliance with Part 13, Division 5 of the Act. This part of the Act obliges carriers and carriage service providers to make records of all disclosures of personal information (with only a few exceptions). It also requires disclosure to law enforcement agencies in specified circumstances.”
4.2.5. Modifications to the privacy act
It was requested that the OAIC comment on whether amendments to existing privacy legislation are necessary, in order to cover appropriate aspects of location information and LBS. The stakeholder noted that expected changes to the Privacy Act will be based on a new set of principles, as described in the following statement:
“In June 2010, following the Australian Government's First Stage Response to the Australian Law Reform Commission's (ALRC) report, For Your Information: Australian Privacy Law and Practice (ALRC 108), the Government released an exposure draft of the proposed Australian Privacy Principles (APPs). The Government also referred the APPs to a Senate committee which is conducting an inquiry into the proposed reforms. The OAIC has made a submission on the draft APPs to this inquiry. The APPs will unify the current IPPs and NPPs and will be the cornerstone of a new Privacy Act.”
Of particular importance, is the technology neutral approach taken by the Australian Government, to ensure the applicability of privacy legislation to all technologies, not solely LBS. The OAIC explained this point:
“[T]he Privacy Act was designed to be technology-neutral so that it remains flexible enough to encompass changes in the way that information that identifies an individual is collected and handled. The APPs will continue this approach.”
The OAIC further noted that the APPs supersede the Unified Privacy Principles (UPPs) drafted by the ALRC, with the UPPs serving “as a template for the new principles.” The principles are expected to be applicable to emerging technologies:
“In terms of the applicability of the proposed privacy reforms to location-based services, the Australian Government's response accepted the ALRC's recommendations in accommodating developing technology in a regulatory framework. Specifically, the Government accepted Recommendation 10-1 that in exercising its research and monitoring functions, the Privacy (now Information) Commissioner should consider technologies that can be deployed in a privacy-enhancing way by individuals, agencies and organisations. The Government also accepted in principle the recommendation that the Office develop and publish guidance in relation to technologies that impact privacy.”
The OAIC has subsequently identified some technologies that impact privacy, but the published guidance is primarily consumer oriented.
The recent changes to privacy legislation address the importance of codes, and are potentially applicable to location privacy and LBS. The OAIC discussed the significance of industry codes:
“The Australian Government accepted in principle ALRC Recommendation 48-1 that the Privacy Principles should be the base standard for privacy protection and that codes should be developed to provide guidance about how some or all of the principles apply in certain contexts. The codes would apply to an industry sector or a group of organisations/agencies who engage in a prescribed practice (such as using certain tools or technologies).”
The OAIC sufficiently expressed the applicability of privacy and telecommunications legislation to location information (as a subset of personal information) at the Federal level. However, it is essential to examine the State situation through an assessment of the statement returned by the Office of the New South Wales Privacy Commissioner (Privacy NSW) in terms of benefits and concerns pertaining to LBS usage, existing legislation relevant to this study, and the dangers associated with secondary uses of LBS and the significance of privacy impact assessments.
4.2.6. Benefits and concern of LBS usage
Privacy NSW noted the benefits and concerns associated with LBS usage throughout their response. According to the State government agency, “LBS technologies can bring considerable social benefits”. These benefits can be summarised as: aiding and responding to individuals “who are at risk of harm” particularly in emergency situations and caring for children and other vulnerable individuals “who lack capacity” to care for themselves. Conversely, concerns are largely associated with undermining “a very important aspect of privacy; the reasonable expectation of freedom of movement” and subjecting individuals wearing noticeable LBS devices to “harassment or discrimination.” Concerns also exist related to intrusive unauthorised monitoring and stalking. In the workplace, additional dangers come in the form of employers pressuring their employees to be monitored or otherwise risk losing their job/income. The “irreparable damage to relationships once surveillance becomes apparent to the subject” was also cited as a significant concern by Privacy NSW. Fig. 2 summarises the benefits and concerns from the perspective of Privacy NSW.
4.2.7. Applicable laws in NSW
Privacy NSW identified several laws applicable to this investigation at the State and Federal levels. Privacy NSW described the current regulatory environment as “patchy”, explicitly in relation to “Australian privacy laws generally and of surveillance legislation in particular” suggesting “that nationally consistent expectation of privacy governing the use of surveillance devices such as LBS is, at this point in time, not possible.” Nonetheless, an examination of existing legal provisions is required, commencing with the Privacy and Personal Information Protection (PPIP) Act 1998 (NSW) and the Health Records and Information Privacy (HRIP) Act 2002 (NSW). Privacy NSW maintained that these laws are applicable to LBS to a certain degree, but are not necessarily suitable for all scenarios, as: “those laws do not regulate particular forms of privacy invasive technologies nor do they regulate the actions of individuals acting in their private capacity . . . With the exception of provisions for the prosecution of individuals who have corruptly disclosed or offered to supply personal information.”
Another piece of legislation exists in the Surveillance Devices Act 2007 (NSW) (NSW SD Act) which “regulates particular surveillance devices including LBS devices”, in addition to the Workplace Surveillance Act 2005 (NSW) (NSW WS Act) which “regulates the use of such devices in the workplace.” Privacy NSW elaborated on the specifics of the NSW SD Act, stating that:
“[t]he NSW SD Act limits the circumstances in which ‘any electronic device capable of being used to determine or monitor the geographical location of a person or an object’, defined as a ‘tracking device’ may be used [that is, consent is mandatory]. . . This prohibition does not apply to the installation, use or maintenance of a tracking device in accordance with a warrant, emergency authorisation, the installation, use or maintenance of a tracking device in accordance with a law of the Commonwealth or the installation, use or maintenance of a tracking device for a lawful purpose.”
Similarly a number of conditions must be flagged in relation to the NSW WS Act. That is:
“the NSW WS Act requires that tracking surveillance of an employee may only be carried out if the employee is given 14 days' notice that the surveillance is to be used and there is a clear notice on the vehicle or thing being tracked” [where tracking surveillance refers to] “surveillance by means of an electronic device the primary purpose of which is to monitor or record geographical location or movement (such as a Global Positioning System tracking device)”.
These laws, and several others, are particularly significant with reference to key LBS issues. Table 4 provides a summary of relevant legislation for each issue, compiled using Privacy NSW's official response.
Table 4. Summary of NSW legislation identified by Privacy NSW as relevant to issues.
- Information Protection Principles (IPPs) in the Privacy and Personal Information Protection Act 1998 (NSW)
- Health Privacy Principles (HPPs) in the Health Records and Information Privacy Act 2002 (NSW)
- Workplace Surveillance Act 2005 (NSW)
Locating children/other family members
- Crimes Act 1900 (NSW)
- Surveillance Devices Act 2007 (NSW)
- Privacy laws are not applicable for “individuals acting in their private capacity”
- Workplace Surveillance Act 2005 (NSW)
Covert spousal and unauthorised tracking
- Surveillance Devices Act 2007 (NSW)
- Privacy Act 1988 (Cth)
Further clarification is offered below, as to the major law(s) associated with the respective issues:
• Emergency management:
“NSW emergency management agencies such as NSW Fire Brigades, the Rural Fire Service and the NSW Ambulance Service are public sector agencies which are bound to comply with the Information Protection Principles (IPPs) in the PPIP Act and the Health Privacy Principles (HPPs) in the HRIP Act. The IPPs and the HPPs include exceptions for the disclosure of personal and health information in where the disclosure would lessen or prevent a threat to any individual [Section 18(1)(c) PPIP Act, HPP(1)(c)]. In addition, NSW public sector agencies may collect personal information from third parties in circumstances where the collection would benefit the individual to whom the information relates [Section 23(2) PPIP Act]. . . It is possible that the use of LBS in the Emergency Management context could constitute workplace surveillance and therefore be subject to the NSW WS Act.”
• Locating children/other family members:
“[T]he actions of individuals acting in their private capacity are not regulated by privacy laws [Crimes Act 1900 (NSW) is applicable in this instance]. However, it's possible that the use of LBS by individuals acting in their private capacity could be subject to the SD Act.”
• Employee monitoring:
“[T]he NSW WS Act limits the circumstances in which an employee can be required to be surveilled through a tracking device.”
• Covert spousal tracking and unauthorised tracking:
“As noted above, privacy laws do not apply to the actions of individuals acting in their private capacity, although it is possible that such surveillance is regulated by the NSW SD Act. If spousal monitoring is carried out through a commercial arrangement by a third party such as a private enquiry agent, it is possible that the information collected by the agent could be subject to the Privacy Act 1988 (Cth) if the agent was found to be disclosing the information for a ‘benefit’ service or advantage or if the agent is employed or engaged by an ‘organisation’ as defined in that Act. If this is the case the agent must comply with the National Privacy Principles (NPPs) in that Act and in particular, he or she must not collect the information ‘in an unreasonably intrusive way’.”
Privacy NSW recommended that this investigation of LBS regulation in Australia incorporate additional technology with location capabilities
“such as live stream video surveillance, RFID, satellite photography, hand-held and mobile phone cameras and transport smart cards all have the capacity to plot the whereabouts of an individual at a particular point in time without their knowledge.”
4.2.8. Secondary uses of LBS and privacy impact assessments
Privacy NSW argued that a significant challenge related to emerging technologies “is the phenomenon known as ‘function creep’ in which secondary uses are found for technologies.” The imminent dangers were reflected upon by the government agency:
“These secondary uses can pose significant risks to privacy if they involve new collections or uses of personal information, especially if subject individuals have not been given the opportunity to opt out of these new uses. In the case of LBS, function creep would occur if a company failed to disable an Radio Frequency Identification Device (RFID) in an item of clothing (originally used for the purpose of tracking the item to a retail outlet) to monitor a customer's movements following purchase in order target their advertising to that individual.”
Privacy NSW suggested that Privacy Impact Assessments be employed as suitable techniques to deal with secondary uses of technologies, as explained in the subsequent quotation:
“One means of minimising function creep in LBS devices is to undertake a Privacy Impact Assessment (PIA) prior to the introduction of the device onto the market or into the workplace. A PIA should scope the intended purposes of the device, identify any possible secondary uses and whether they might be employed and if so, how the subject individuals might be notified and given the opportunity to opt out of those uses. . . Ideally, a PIA should be carried out at an early stage in the consideration and development of location information technology in order to identify privacy risks and manage those risks appropriately. Failure to consider and to mitigate harm to the privacy of individuals posed by such technologies could have substantial impact on the privacy of individuals and could affect the uptake of a particular LBS product.”
According to Privacy NSW, the PIA should ideally incorporate an assessment of the regulatory situation in view of the dangers pertaining to privacy and suggest amendments where necessary:
“A PIA should also consider whether the existing regulatory environment adequately addresses the privacy risks associated with the application of LBS for particular purposes. It may be necessary to amend existing privacy laws to provide for specific privacy protections relating to location information.”
4.3. Emergency-related themes
The official statements and correspondence received from emergency-related government agencies indicated that in order to gain an appreciation of LBS emergency applications, it was essential to consider the use of the technology for various purposes. These include for national emergency warning capabilities, and also emergency management and incident response.
4.3.1. Emergency warning capabilities
In terms of national emergency warning capabilities, the Department of Justice Victoria is spearheading on behalf of all States and Territories, excluding Western Australia, through the “Location Based Telephony Emergency Warning Capability Project”. Further explanation regarding the nature of the project was supplied by the Department in its official statement:
“A recently completed feasibility study offered a unique opportunity for Australian Governments to extensively evaluate and trial the current ability of carriers in Australia to deliver emergency warnings to unknown mobile telephones (itinerant phones) located within a selected geographical area. The study confirmed that a mobile telephone location based emergency warning capability is technically feasible.”
The Department of Justice Victoria explained the role of Victoria with respect to these capabilities:
“In September  the Commonwealth Government announced that it would fund the establishment of this capability. Victoria, on behalf of all States and Territories will lead the negotiations with the mobile telephone carriers. The project has received a high level of public interest and scrutiny. The project conforms to government probity and procurement guidelines. The project must be able to demonstrate high levels of integrity in process whilst pursuing value for money outcomes for governments and meeting the public interest.”
The response received from the Department of Justice Victoria also noted that many location based services scenarios were largely centred on situations in which telephone number or SIM information was available, stating that “this will not be the case for location based telephony emergency warning.” Apart from high-level information, the State government body declared that “[i]t is not appropriate at this time for the Department to participate in any research project that may in any way influence the negotiation outcomes.” Minimal information was collected in relation to LBS regulatory issues.
The same situation applied for the South Australian Fire and Emergency Services Commission (SAFECOM), a State government body “tasked with the responsibility of managing the National Emergency Alert telephone warning system within the State.” SAFECOM's official statement lacked sufficient detail with respect to LBS regulation, rather claiming that the Department of Justice Victoria should be contacted given that the Department was in command of the national emergency warning project, as explained in the following excerpt from SAFECOM:
“The use of the system by South Australia is governed by inter-governmental agreement and as such SAFECOM would wish to defer your enquiry to the Victorian Department of Justice who are the lead agency on behalf of all State and Territory jurisdictions with the exception of Western Australia.”
4.3.2. Emergency and incident response
With respect to emergency management and incident response, the Queensland Department of Emergency Services/Community Safety provided insight into the LBS solutions employed throughout the State, claiming that: “[i]n Queensland there have been several recent developments and initiatives in relation to the enhancement of location-based services and their ability to effectively manage and respond to emergency incidents.”
According to the State government body, LBS have been selectively deployed in various regions throughout Queensland, relying on the implementation of Automatic Vehicle Locators (AVL) and an electronic dispatch system by the Queensland Ambulance Service (QAS) and the Queensland Fire and Rescue Service (QFRS). Details of the implementation were provided:
“The Emergency Services Computer Aided Dispatch (ESCAD) system is an integrated system which uses the last known vehicle location (provided by AVLs) to present a set of recommendations indicating the closest available and most appropriate vehicles to respond to an incident created on ESCAD. Location information for vehicles is provided using Global Positioning System (GPS), and is updated regularly. The data updates are applied every 250 metres for mobile vehicles, and every 15 minutes for stationary vehicles. The AVLs enable communication centres to automatically locate each vehicle and dispatch the closest available resource to the highest priority incident. The QAS and QFRS currently have AVLs installed in operational vehicles in the Brisbane, Gold Coast and Sunshine Coast regions. In the future, it is planned to roll out AVLs to all regions in Queensland.”
It was not possible to obtain further information and elaboration in regards to the nature of the LBS emergency systems deployed in Queensland, or comments regarding the discussion, although such clarification was requested. No official statements were offered concerning LBS regulatory issues relevant to emergency management and incident response personnel. When compared with responses from privacy-related agencies, the responses from emergency-related stakeholders were not extensive. This can possibly be attributed to the fact that LBS-enabled emergency capabilities are not yet fully developed, and thus government agencies may be reluctant to engage in any discussion.
The research found a range of themes from the responses of the two groups of agencies. These agencies are bound by the legal and regulatory regimes flowing from policy at either a federal or state/territory level. Although the thematic response was much stronger from the privacy-related government stakeholders than the emergency-related government stakeholders, the level of issues identified by participants might reasonably be expected to generate policy changes. That is, the threshold “trigger” of an identified problem set out in Section 2 is likely to have been met and one would expect that there would be major changes occurring in policy to reflect the emergence of LBS and its application to privacy-related and emergency-related government agencies. However, the major changes that reflect the introduction of LBS technologies have been in the area of telecommunications interception at a Federal level (see, for example, Nicholls, 2012).
The issue appears to be either:
(a) that none of the agencies that responded have identified a problem large enough to initiate policy change; or
(b) that none of the agencies has the relevant power to initiate policy change even if they have identified a problem.
For example, the OAIC identified that location information of itself is not personally identifying information. To the extent that an LBS deals with personally identifying information, the location element is irrelevant to the OAIC. As a result, no policy change is required. Indeed, after the research project was complete, the Privacy Act 1988 (Cth) was amended by the Privacy Amendment (Enhancing Privacy Protection) Act 2012 (Cth) which replaced the National Privacy Principles with the Australian Privacy Principles. These changes were expected as set out above in Section 4.2.5 above. In making the policy changes to the privacy principles in Australia, there were both:
(a) an understanding of the issues associated with LBS technology; and
(b) an awareness of the potential for LBS applications to create privacy issues.
Evidence of this is provided by the OAIC guidance on these matters referred to above. However, there was no trigger to start the policy cycle. That is, there was no political problem that was large enough to require a solution. In effect, the storage location of data was a more important issue than the location information.
At a state level, Privacy NSW identified the concerns that are set out in Fig. 2. However, there was no significant direct concern that would initiate a policy change. The calls for a “Privacy Impact Assessment” are calls for the vendors of LBS technology to consider issues. In effect, it was a call for self-regulation in the absence of a policy initiative that might have led to regulatory change. It opens the door to subsequent policy initiatives as the failure of self-regulation may be the type of system failure identified in Section 2.2 above.
In the case of emergency-related government agencies, the responses indicated that the relevant agencies were using LBS. As a result, LBS technologies were regarded by the agencies as process tools, rather than policy drivers. There was likely to have been a review of the regulatory and legal frameworks for LBS technologies as tools for emergency-related government agencies. However, there would only need to be a policy change required if the LBS tools were not available to the emergency-related government agencies.
What did not flow from the responses of the emergency-related government agencies was an answer as to what the LBS tools were being used for. That is, the existing policy position did not exhibit transparency and there was no expectation of transparency flowing from any policy change. This is consistent with the expectation of Pareto efficiency set out in Section 2.3 above.
This article provided the views of key government agency stakeholders in Australia on the use of LBS in privacy-related and emergency-related areas. It presented a thematic analysis which is distinct from other approaches that focus on the views of end-users of LBS and provides an insight into the likely drivers for policy change from government agency stakeholders.
The theoretical perspective offered by the paper used the concepts of an Australian policy cycle and the driver of evidence-based policy-making. There were two key inferences from the theoretical perspective provided in the article. The first is that a threshold or trigger point needs to be met in order for policy change to be initiated. That threshold is dependent on the identification of a problem by a government stakeholder agency and whether the identifying agency has the power to initiate change. The second is that the policy-making processes do not have transparency as a policy outcome. This second issue is compounded by the extent to which consumers are stakeholders in policy analysis. That is, transparency may not be a policy input and is therefore not a policy outcome.
When these theoretical perspectives were applied to the thematic analysis of the government stakeholders, the analysis showed that the privacy-related government stakeholders did not find any significant direct concern that would initiate a policy change and considered that self-regulation (an absence of policy change) would address concerns. Emergency-related government agencies regarded LBS technologies as process tools, rather than policy drivers.
In terms of policy practice, the findings in the article suggest that Australian government agencies in privacy-related areas are likely to focus on specific threshold questions when considering new technologies. In this article, the critical question was whether location is personally identifying information. The stakeholders did not go on to consider whether the identifiers of the device that provided the location information might reveal personally identifying information. That is, whether the information can be “de-identified” in accordance with OAIC's current guidelines. Similarly, the emergency-related government stakeholders appear to have taken a view that embeds their own use of LBS without any expectation of policy change in their own portfolio or in any other.
The authors thank Steve Saxby and an anonymous reviewer who provided many critical insights that helped the development of this article. The authors wish to acknowledge the funding support of the Australian Research Council (ARC) Discovery Grant DP0881191 titled “Toward the Regulation of the Location-Based Services Industry: Influencing Australian Government Telecommunications Policy” and under DP150100887 titled “Spectrum after Scarcity”. The views expressed herein are those of the authors and are not necessarily those of the ARC.
R. Abbas, K. Michael, M. Michael, R. Nicholls, Sketching and validating the location-based services (LBS) regulatory framework in Australia, Comput Law Secur Rev, 29 (5) (2013), pp. 576-589
D. Adams, H.K. Colebatch, C.K. Walker, Learning about learning: discovering the work of policy, Aust J Public Adm, 74 (2) (2015), pp. 101-111.
K. Ala-Mutka, D. Broster, R. Cachia, C. Centeno, C. Feijóo, A. Haché, et al., The impact of social computing on the EU information society and economy, Y. Punie, W. Lusoli, C. Centeno, G. Misuraca, D. Broster (Eds.), JRC scientific and technical reports, European Commission (2009), p. 138
J. Astroth, Chapter XV. Location-based services: criteria for adoption and solution deployment, B.E. Mennecke, T.J. Strader (Eds.), Mobile commerce: technology, theory and applications, Idea Group Publishing, Hershey, US (2003), pp. 268-278
G. Banks, Challenges of evidence-based policy-making, Australian Government Productivity Commission, Australian Public Service Commission (2009)
A. Barreras, A. MathurChapter 18. Wireless location tracking, K.R. Larsen, Z.A. Voronovich (Eds.), Convenient or invasive: the information age, Ethica Publishing, United States (2007), pp. 176-186
H.H. Bauer, S.J. Barnes, T. Reichardt, M.M. Neumann, Driving the consumer acceptance of mobile marketing: a theoretical framework and empirical study, J Electron Commer Res, 6 (3) (2005), pp. 181-192
P. Bridgman, G. Davis, The Australian policy handbook, (Third ed), Allen & Unwin, Crowes Nest, NSW (2004)
B. Chapman, Reflections on four Australian case studies of evidence-based policy, Chapter 5; Strengthening evidence-based policy in the Australian federation roundtable proceedings, (2009), pp. 109-125
G. Cho, Geographic information science: mastering the legal issues, John Wiley & Sons Inc, Hoboken, NJ (2005)
R. Clarke, M. Wigan, You are where you've been: the privacy implications of location and tracking technologies
I.D. Constantiou, C. Lehrer, T. Hess, Changing information retrieval behaviours: an empirical investigation of users' cognitive processes in the choice of location-based services, Eur J Inf Syst, 23 (5) (2014), pp. 513-528
E. Danneels, Disruptive technology reconsidered: a critique and research agenda, J Prod Innov Manage, 4 (2004), pp. 246-258
M. Dodgson, A. Hughes, J. Foster, S. Metcalfe, Systems thinking, market failure, and the development of innovation policy: the case of Australia, Res Policy, 40 (9) (2011), pp. 1145-1156
P. Edwards, J.H. Farrington, C. Mellish, L.J. Philip, A.H. Chorley, F. Hielkema, et al., E-social science and evidence-based policy assessment, Soc Sci Comput Rev, 27 (4) (2009), pp. 553-568
G. Elliot, N. Phillips, Mobile commerce and wireless computing systems, Pearson Education Limited, Great Britain (2004)
A. Fenna, Introduction to Australian public policy, Addison Wesley Longman Australia Pty Limited, South Melbourne (1998)
G.M. Giaglis, P. Kourouthanassis, A. TsamakosChapter IV. Towards a classification framework for mobile location-based services
B.E. Mennecke, T.J. Strader (Eds.), Mobile commerce: technology, theory and applications, Idea Group Publishing, Hershey, US (2003), pp. 67-85
B. Head, Research and evaluation: three lenses of evidence-based policy, Aust J Public Adm, 67 (1) (2008), pp. 1-11
B. Head, Evidence-based policy: principles and requirements, Chapter 2; Strengthening evidence-based policy in the Australian federation roundtable proceedings, (2009), pp. 13-26
M. Howlett, Tan S.L., A. Migone, A. Wellstead, B. Evans, The distribution of analytical techniques in policy advisory systems: policy formulation and the tools of policy appraisal, Public Policy Adm, 29 (4) (2014), pp. 271-291
H.A. Jacobsen, Chapter 4. Middleware for location-based services, J. Schillar, A. Voisard (Eds.), Location-based services, Morgan Kaufmann/Elsevier, San Francisco, CA(2004), pp. 83-114
A. Küpper, Location-based services: fundamentals and operation, Wiley, Chichester (2005)
A. Küpper, G. Treu, Next generation location-based services: merging positioning and web 2.0, Yang L.T., A.B. Waluyo, Ma J., Tan L., B. Srinivasan (Eds.), Mobile intelligence, John Wiley & Sons Inc, Hoboken, NJ (2010), pp. 213-236
X.R. Lopez, Chapter 6. Location-based services, H.A. Karimi, A. Hammand (Eds.), Telegeoinformatics: location-based computing and services, CRC Press, Boca Raton, FL (2004), pp. 171-188.
S. Maddison, R. Denniss, An introduction to Australian public policy: theory and practice, Cambridge University Press, Port Melbourne, Vic. (2009)
C.T. Marsden, Cyberlaw and international political economy: towards regulation of the global information society, L.Rev MSU-DCL, 2 (355) (2001), pp. 356-400
K. Michael, A. Masters, The advancement of positioning technologies in defense intelligence, H. Abbass, D. Essam (Eds.), Applications of information systems to homeland security and defense, Idea Publishing Group, USA (2006), pp. 196-220
K. Michael, M.G. Michael, Chapter 1. Editorial: what is evidence-based policy (EBP)? K. Michael, M.G. Michael (Eds.), Australia and the new technologies: evidence based policy in public administration, IP Location-Based Services Research Program (Faculty of Informatics), University of Wollongong, Wollongong, NSW (2008), pp. 11-16
K. Michael, A. McNamee, M.G. Michael, The emerging ethics of humancentric GPS tracking and monitoring, International conference on mobile business, IEEE Computer Society, Copenhagen (2006), pp. 1-10
R. Nicholls, Right to privacy: telephone interception and access in Australia, IEEE Technol Soc Mag, 31 (1) (2012), pp. 42-49
J. Nill, R. Kemp, Evolutionary approaches for sustainable innovation policies: from niche to paradigm? Res Policy, 38 (4) (2009), pp. 668-680
V. Pareto, Translation of Manuale di economia politica (“Manual of political economy”), A. M. Kelley, New York (1971)
L. Perusco, Using scenario planning in the evaluation of information security applications, K. Michael, M.G. Michael (Eds.), The social implications of information security measures on citizens and business, 2006, University of Wollongong, Centre for eBusiness Application Research (CeBAR), School of Information Technology and Computer Science, Wollongong, Australia (2006), pp. 105-120
L. Perusco, K. MichaelControl, trust, privacy, and security: evaluating location-based services, IEEE Technol Soc Mag, 26 (1) (2007), pp. 4-16
A. Sen, Collective choice and social welfare, Holden-Day, San Francisco (1970)
N. Shiode, Li C., M. Batty, P. Longley, D. Maguire, Chapter 12. The impact and penetration of location-based services, H.A. Karimi, A. Hammand (Eds.), Telegeoinformatics: location-based computing and services, CRC Press, Boca Raton, FL (2004), pp. 349-366
S. Spiekermann, Chapter 1. General aspects of location-based services, J. Schillar, A. Voisard (Eds.), Location-based services, Morgan Kaufmann/Elsevier, San Francisco, CA(2004), pp. 9-26
J. Turnpenny, C.M. Radaelli, A. Jordan, K. JacobThe policy and politics of policy appraisal: emerging trends and new directions, J Eur Public Policy, 16 (4) (2009), pp. 640-653
A.R. Warburton, Quasiconcave vector maximization: connectedness of the sets of Pareto-optimal and weak Pareto-optimal alternatives, J Optim Theory Appl, 40 (4) (1983), pp. 537-557
Zhou T.The impact of privacy concern on user adoption of location-based services, Ind Manage Data Syst, 111 (2) (2011), pp. 212-226
Zhu T., Wang C., Jia G., Huang J.Toward context-aware location based services, 2010 international conference on electronics and information engineering (ICEIE 2010), (2010), pp. 409-413
Keywords: Location based services, LBS, Government agency, perspectives, Regulation, Regulatory design, LBS regulation, LBS legislation
Citation: Roba Abbas, Katina Michael, M.G. Michael, Rob Nicholl, "Key government agency perspectives on location based services regulation", Computer Law & Security Review, Vol. 31, No. 6, December 2015, pp. 736-748. DOI: https://doi.org/10.1016/j.clsr.2015.08.004