My Research Programme (2002 - Now)

Location-based services (LBS) regulatory framework in Australia

Abstract

Location-based services (LBS) are defined as those applications that combine the location of a mobile device associated with a given entity (individual or object) together with contextual information to offer a value-added service. LBS solutions are being deployed globally, and in some markets like Australia, without appropriate regulatory provisions in place. Recent debates in Australia have addressed the need to bridge the gap between technological developments and legal/regulatory provisions. This requires an assessment of the regulatory environment within a given social context such as Australia. The core components of such an investigation include: (a) composing a conceptual framework for analysing regulation of technologies such as LBS, one that is sensitive to public policy themes and challenges, and (b) applying this conceptual framework to the Australian setting in order to sketch and define the components of the present framework, and identify areas for improvement through a process of validation. This paper addresses these aims, demonstrating how the current regulatory framework in Australia is bound by legislation with respect to privacy, telecommunications, surveillance, and national security (that is, anti-terrorism), in addition to a set of industry guidelines for location-service providers (LSPs). The existing Australian framework, however, is lacking in its coverage and treatment of LBS and location data, and does not adequately address the themes and challenges in the defined conceptual framework.

1. Introduction

Measuring the need for LBS regulation and engaging in related dialogue requires an informed understanding of regulation and public policy in general, and of existing LBS regulatory practices and frameworks. One approach is to consider regulation in the context of government and governance (Braithwaite et al., 2007, p. 3):

Governments and governance are about providing, distributing, and regulating. Regulation can be conceived as that large subset of governance that is about steering the flow of events and behaviour, as opposed to providing and distributing.

That is, regulation is concerned with “the effects of actions, not on the actions or the means of the actions themselves” (Koops, 2006, p. 6). Various theories and approaches to regulation exist. According to the Australian Law Reform Commission (ALRC), regulatory theory (in relation to information privacy) may include principles-based and compliance- or outcomes-oriented methods (ALRC, 2008, pp. 234–40).

Public policy, on the other hand, can take on various definitions and may involve ambiguity (Bridgman and Davis, 2004, p. 3). In simple terms, public policy is “about what governments do, why, and with what consequences” (Fenna, 1998, p. 3). However, there are a variety of interpretations of the term, as summarised by Maddison and Denniss (2009, pp. 3–4) based on the work of numerous authors in the public policy sphere. Importantly, the authors state that regardless of interpretation, public policy can be viewed in one of two ways: either as “the result of authoritative choice” in which government ministers play a dominant role in decision-making, or as “the result of structured interaction” involving cooperation between players and appreciation of conflicting interests (Maddison and Denniss, 2009, p. 4). That is, regulation is a set of rules designed to govern the operation and intervention of stakeholders. This operation is often in a market setting and thus lends itself to economic analysis (Stigler, 1971). Stigler's work recognised the strong interactions of the regulated with a regulator in the implementation of regulation and its enforcement. This paper similarly argues that regulation and public policy-making processes in the technology realm rely on a process of collaboration and consultation amongst industry stakeholders. With respect to regulatory choices regarding LBS, interaction between government and industry stakeholders is necessary given that the delivery of a given solution is reliant on the involvement of a range of stakeholders such as wireless network operators and handset vendors.

For the purpose of this paper, it should be noted that regulation and public policy-related processes are complex practices that vary from one context to the next and evolve as new debates emerge whereby existing processes and regulatory mechanisms must be reassessed. This interaction is made more complex in the Australian Federal environment where the constitution determines that some aspects of LBS are legislated at a national level and some at a state level. This necessitates an appraisal of current State and Federal legislation relevant to LBS in a manner that allows the regulatory framework and existing measures to be drawn, subsequently allowing the outcomes to be employed as the basis for future work. As such, this paper aims to develop a conceptual framework detailing how to examine LBS regulation, subsequently applying the framework to the Australian case. The outcome will be a sketch of the current LBS regulatory environment in Australia and the subsequent validation of the existing regime. An aspect of Australian law that assists this inquiry is the common approach taken by the States to their legislation. This common basis with a focus on Federal law means that this paper can provide a preliminary sketch of the existing national framework.

Current literature and studies relating to the LBS regulatory environment note that suitable regulatory frameworks are essential to industry development, from the perspective of safeguarding the interests of multiple stakeholders, notably, providers and users, in addition to government entities and society as a whole. Such frameworks should ideally address the ethical dilemmas and social implications of LBS, whilst also being sensitive to the regulatory and public policy challenges associated with emerging technologies in general. Furthermore, and in light of the divergent uses of LBS, Dobson and Fischer (2003, p. 51) call for protective mechanisms that enable the “legitimate uses”, while preventing undesirable exploitation. Similarly, Smith (2006, p. 725) acknowledges the potential benefits, whilst also suggesting further legislation to safeguard personal location information. The significance of adequate regulatory provisions is two-fold. First, regulation encourages fairness and consistent rules for providers. Second, regulation functions to safeguard individuals thereby increasing their support and trust in LBS (Cuijpers and Koops, 2008, p. 881; FIDIS, 2007, p. 10).

Regardless of the potential benefits of LBS, authors such as Clarke and Wigan (2011)indicate that LBS “have far outstripped both public awareness and legal and policy attention”, a situation they claim is exceedingly risky. The consequences of lack of regulation, specifically of tracking services and control over location histories by government, organisations and interested individuals, are great in terms of privacy in particular (Barreras and Mathur, 2007, p. 177). Cho (2005) claims that while concerned individuals are advocating regulation (p. 209) others are advancing the self-regulation movement (p. 253). Determining the most suitable response is indeed a challenge, one that requires the current regulatory environment and/or framework to be mapped out. However, it has been suggested that a single approach to regulation, such as legislation or self-regulation for instance, will fail to suffice. Xu et al. (2009, p. 163) agree that a single approach to regulating privacy in particular will not account for the interests of the diverse stakeholders comprising the LBS industry. Herbert (2006, p. 437), on the other hand, recommends an elementary reassessment of the manner in which emerging technologies, such as human tracking technologies, affect privacy as the basis for initiating a suitable legal response. In fact, the same sentiments apply for any regulatory issue associated with LBS. That is, a fundamental re-evaluation of the implications of LBS, in conjunction with an understanding of the regulatory and public policy challenges that apply, is indispensable.

The following section offers an overview of the significant themes and challenges pertaining to LBS regulation thereby providing a conceptual framework for examining LBS regulation; Section 3 introduces the Australian framework by applying the conceptual framework drawn from Section 2; Section 4 summarises and validates the main components in the Australian framework, noting areas for future research and Section 5provides the concluding remarks for this paper.

2. Conceptual framework for analysing LBS regulation

It is essential that a conceptual framework for LBS regulation be built on a preliminary understanding of the regulatory and public policy challenges associated with emerging technologies such as LBS. It has been noted that regulatory challenges in the LBS domain stem from the mounting gap between technology deployment and the employment of appropriate safeguards, legal or otherwise, to govern various aspects of LBS. For instance, in relation to modern surveillance technologies, Marx (1999, p. 63)observes the increasing gap between technological potential and present measures designed to offer protection. This gap has long been attributed to a lack of response in social and political spheres (Clarke, 2001, p. 13). Relevant scholarship is generally focussed on the inability for law to reflect technological change, a perspective that Moses (2011, p. 787) feels requires adjustment, given the mutually shaping characteristics of law and technology and the belief that “[t]he law should not race ahead by anticipating technological trajectories that may never come to pass. Rather, a useful goal should be to have mechanisms in place to ensure that law is designed around the socio-technical landscape of the present or, more realistically, the recent past.”

Aside from the interaction between technology and law, the study of regulation according to Svantesson (2011, pp. 243–245), often introduces researchers to a persistent set of themes which are centred on the claims that: (a) technological development will inevitably out-pace law-making processes, (b) legal professionals possess inadequate knowledge of technology, (c) globalisation and internationalisation necessitate consideration of multiple jurisdictions, and (d) the growth potential of technology has not been realised in domains such as e-commerce. While originally recommended for the internet regulation context, Svantesson's work is utilised as the basis for this framework in that it offers a clear summary of the themes relevant to all technological domains including LBS. Importantly, Svantesson's work posits that a successful regulatory framework must be sensitive to numerous challenges specific to the regulation of emerging technologies. However, that sensitivity does not mean that regulation has to be technologically determinative. A well-designed principles-based regulatory regime can address each of these four issues.

Fig. 1 provides a summary of these challenges, which have been derived from the secondary literature sources cited in this paper, in addition to a summary of Svantesson's primary themes which directly impact on the challenges. The distinct challenges are discussed below which when combined form a conceptual framework upon which the existing Australian framework and regimes in other contexts can be validated.

Fig. 1. Conceptual framework for examining LBS regulation and the associated regulatory themes impacting on the framework.

2.1. The Australian policy and regulatory context

Regulation refers to the set of rules which apply to a specific environment. These rules might be prescriptive and enforced rigidly, or they may be set by agreement between the entities being regulated. A regulatory environment can be likened to the rules for playing a game. In a regulated industry, there may be legislation, subordinate legislation made under specific laws (confusingly, often called regulations) and a set of conventions, adopted by stakeholders, which form part of the rules. In the Australian context, the rules can be changed by: changing the legislation; changing the subordinate legislation; by ministerial determination; by regulator action; or by stakeholders changing self-regulatory or co-regulatory codes.

Any changes are complicated by the Australian convention of amending legislation much more regularly than repealing and replacing it. By convention, amending legislation is named differently to the amended act. For legislation introduced since about 1990, the intention of legislation is set out in a section of the law entitled “Objects of the Act”. This section is intended to set out the principles behind the legislative framework. In the Australian context, these principles are generally designed to be general and not technology-specific. However, subordinate legislation may be technologically determinative, even if the primary legislation is not.

2.2. Technology-specific versus technology-neutral

A primary regulatory challenge exists in determining the suitability of technology-specific versus technology-neutral legislation. A popular belief in selected literature and in the government domain is the need for inclusive legislation that is broad enough to apply to present and future technologies, ensuring that laws remain up-to-date. This is the basic premise underlying the technology-neutral approach to legislation which “appears to have three main aims: future proofing, online and offline equivalence, and encouraging the development and uptake of the regulated technology” (Reed, 2007, p. 275). This approach is often incorrectly perceived in a positive sense, disregarding the fact that “technology-neutral language” does not necessarily account for the dynamic nature of technological change (Moses, 2007, p. 270). It has been argued by Koops (2006, pp. 5–6)that the phrase technology-neutral can imply different meanings and be examined from regulatory, technological and legislative perspectives (p. 26). For a comprehensive treatment of the concept and the varying interpretations and perspectives, refer to Koops (2006) and Reed (2007). According to Australia's Privacy Commissioner with reference to the Commonwealth Privacy Act 1988, technology-neutral legislation refers to the regulation of “information handling without referring to specific technologies”, granting flexibility and ensuring relevance as new technologies emerge (Pilgrim, 2010, p. 23).

It has been argued that parliaments “are using the spurring notion of ‘technology-neutral’ legislation as one excuse for inaction” (Clarke, 2003), resulting in a situation in which “[n]ew powers are granted through technological ambiguity rather than clear debate” (Escudero-Pascual and Hosein, 2004, p. 82). However, Pilgrim (2010, p. 24) contends that adopting this approach does not necessarily mean overlooking developments in technology. Other authors also insist that “legal regulation should define principles, functions and requirements, drawn from the experience (or anticipation) of using specific technologies, rather than provisions regulating the specific technologies themselves” (Székely et al., 2011, p. 183). Yet, Reed (2007, pp. 279–280) and Moses (2007, pp. 270–274) are sceptical of whether such legislation can be achieved in the drafting process as language that accounts for technology-neutrality is difficult to adequately reflect the nature of technological evolution. Even if accomplished, Hosein (2001, p. 29) claims that the approach is deceitful as it may disregard critical factors unique to certain technologies.

An alternative approach calls for technology-specific legislation, which is not without its drawbacks. Several researchers maintain that seeking technology-specificity will produce issues relating to the future applicability of legislation in that technological progress may render the law ineffectual and redundant (Koops, 2006, p. 27; Székely et al., 2011, pp. 182–183). Nonetheless, authors such as Ohm (2010) declare that there is a compelling case for technology-specific legislation. In an article titled The Argument against Technology-Neutral Surveillance Laws, Ohm explains that technology-neutral concepts are often emphatically embraced (p. 1685). This thereby prohibits the potential benefits of technology-specificity from being garnered, even though there are several flaws in technology-neutrality whereby the benefits of the approach can be offset by limitations specifically in relation to surveillance (p. 1686). However, Ohm claims that “longevity” is an advantage of technology-neutral legislation (p. 1702) but also suggests general principles that can be applied to technology-specific legislation that will address issues of redundancy and achieving a suitable degree of specificity (pp. 1702–1710). The selection of the technology-neutral versus technology-specific approach to legislation should be perceived as a choice, and technology-neutrality should not be presumed the most suitable means of regulating technology (Reed, 2007, p. 282–283; Ohm, 2010, p. 1686).

In the Australian context, the use of technology-neutral primary legislation and technologically determinative, and more frequently amended subordinate legislation, is intended to provide both options to create an optimal regulatory environment. However in the context of LBS, the optimisation function is complicated by the fact that there is no primary or subordinate legislation on LBS. As will be shown in this paper, LBS crosses a range of regulatory regimes, all of which are optimised for the principles set out in the primary legislation. As a result, the extent to which each approach applies to LBS has yet to be examined and cannot be so until the existing regulatory landscape has been defined and reviewed. LBS are positioned in a complex and multi-faceted regulatory environment with no single LBS regulatory framework.

2.3. Legislation versus self-regulation

An additional concern, particularly for industry, is exercising caution in the introduction of legal measures so as not to stifle development of particular technologies or industries. The Telecommunications Act 1997 (Cth) at Section 5 states that telecommunications should be regulated in a manner that promotes the greatest practicable use of industry self-regulation consistent with the objects of the Act. However, the Privacy Act 1988 (Cth)and the Telecommunications (Interception and Access) Act 1979 (Cth) have no such reference.

In the context of LBS, the telecommunications sector stakeholders would anticipate self-regulation as the core of the regulatory environment. On the other hand, a privacy advocate would expect a regulatory approach which is strictly rules based (legislation and subordinate legislation). This creates a potential struggle between the two forms of regulatory implementation. In the context of online privacy, Hirsch (2010, pp. 22–33)describes this struggle. Hirsch (2010, p. 3) also claims that the self-regulation has been dominant to date. Self-regulation is an ideal approach for advancing the growth of the information and communications technologies (ICT) sector (Koops, 2006, p. 9). An overview of industry self-regulation theory and literature is presented in Hemphill (2004, pp. 83–84). While self-regulation can assume many forms, Gunningham and Rees (1997, pp. 364–365) differentiate between the individual and group approaches. The first refers to autonomous regulation by an individual entity and the second to collective regulation, an example of which is industry self-regulation requiring cooperation amongst entities. According to the authors, other distinctions can also be made relative to economic versus social factors, in addition to the level of government involvement in the self-regulation process, including the degree to which self-regulation is mandated (p. 365). There is the belief that self-regulation complemented by some form of government involvement is of greater value than self-regulation alone (p. 366).

The self-regulation approach is typically favoured by industry due to its ability to facilitate and adapt to market and technological developments, and may accompany government regulation particularly in cases where gaps in the latter exist (Cleff, 2010, p. 162). The approach is frequently expressed as a fitting antidote to the limiting nature of legislative action. For example, O'Connor and Godar (2003, pp. 257–260) argue that industry self-regulation is preferable to legislation, eliminating the need for restrictive laws that hamper progress within the industry as was the case in the telemarketing arena. The researchers also state that self-regulatory measures should be developed with sensitivity to ethical concerns, otherwise they will be perceived unfavourably by consumers (O'Connor and Godar, 2003, p. 259). Only then can self-regulation demonstrate potential and be beneficial. Theoretical benefits include “speed, flexibility, sensitivity to market circumstances and lower costs”, but practically self-regulation generally falls short of these expectations (Gunningham and Rees, 1997, p. 366).

This is due to self-regulation being criticised as a means of avoiding State involvement and other forms of regulation (Gunningham and Rees, 1997, p. 370; Clarke, 2003), enabling industry to achieve its goals to the detriment of the public. Furthermore, the capacity for self-regulation to address societal concerns, such as consumer privacy, is questionable due largely to the lack of transparency, and as such the approach can merely serve as an adjunct to government regulation (Cleff, 2010, p. 162). Industry self-regulation should nonetheless be considered earnestly, although an understanding of its dimensions and known restrictions is indispensable (Gunningham and Rees, 1997, p. 405). Self-regulation and industry involvement in regulatory processes may be beneficial to consumers and other stakeholders. However, validating its value when compared with legislation requires an assessment of the level of independent oversight that exists, the manner in which self-regulation is implemented and the extent to which it complements present legislation and regulatory mechanisms.

2.4. Multiple and competing stakeholder interests

In considering the balance between rules-based regulation and self-regulation, a notable challenge emerges surrounding the importance of accounting for multiple and competing interests. That is, how the views of multiple stakeholders can be integrated without creating “regulatory capture” (see for example, Dal Bó, 2006) by the stakeholders with the greatest commercial or political power. This may theoretically be achieved by employing the co-regulatory approach to regulation. While the co-regulatory approach is an involved process that embodies countless complexities and facets (Hirsch, 2010, pp. 6–8, 41–46), and has been regarded a promising means of collaboratively managing multiple interests, it is also essential to recognise that such collaboration will involve reconciling rival perspectives. From the discussion above, it is apparent that certain entities will favour particular forms of and approaches to regulation. For example, there is often opposition from the technical and scientific communities in relation to legislation, which is typically perceived as a possible impediment to the technology development process (Székely et al. 2011, p. 183). Such communities are generally in favour of self-regulation and technology-based approaches in that they ensure industry progress is not hindered. However, these sentiments are not supported by all stakeholders. The LBS industry, with its varied value chain, consists of a wide range of stakeholders and its composition is dependent on a given LBS solution.

2.5. Flexible regulatory structures

In addition to being sensitive to varying stakeholder interests, a regulatory environment must be cognisant of the rapid and/or continual changes caused by technological innovations. This may require contemplation of flexible regulatory structures. However, it is likely that a regulatory framework would have no greater level of flexibility as a standards body dealing with the same innovations. For the purpose of this discussion, flexibility simply refers to the general need for the regulatory environment to deal with constant technological change. This is an important element as the pace of technological development and usage “raises the question whether law in general manages to keep up” (Cleff, 2010, p. 161). The level of flexibility does not require the law to “keep up”. Rather, it requires the regulatory environment to be able to flex. Nonetheless, the introduction of flexible regulatory structures capable of adapting to and incorporating developments in technology remains a challenge, one which technology-neutrality and self-regulation attempt to surmount. The introduction of adaptable structures demands a nuanced understanding of the nature of emerging technologies, and related legal and ethical challenges. Székely et al. (2011, p. 183) claim this to be an issue, given that a relatively limited number of legal experts possess such knowledge, a claim supported by Svantesson (2011, p. 244).

It is within this multi-faceted and intricate regulatory environment that the need for LBS regulation in Australia must be investigated, an environment that is characterised by diverse approaches to ICT regulation and privacy, that complicate regulatory debates associated with technologies such as LBS. The following section identifies the Australian regulatory framework for LBS, which is largely legislation-based but is supplemented by self-regulation. This is followed by the application of the conceptual framework drawn together in this section to the Australian case in order to validate the existing scheme. A sketch of the LBS regulatory framework in Australia has not yet been attempted, nor has the validity of such a framework been previously measured. This paper will consequently provide the foundations for further study into the need for LBS regulation in Australia.

3. LBS regulatory framework in Australia

Research into LBS regulation is very much context-dependent as each setting will inevitably embody a distinctive approach to regulation, based on numerous factors. This approach may involve a review of existing legal frameworks, for example, in addition to an assessment of the unique cultural, political, economic and other factors that define such regulatory frameworks. These differences demand an independent reflection of respective regulatory settings. Initially, context delineates the “structured social settings with characteristics that have evolved over time (sometimes long periods of time), and are subject to a host of causes and contingencies of purpose, place, culture, historical accident, and more” (Nissenbaum, 2010, pp. 129–130). With respect to regulation and the law, context produces challenges across jurisdictions, affecting both internationalisation of legal frameworks pertaining to LBS and interpretation of laws within specific settings. Such issues are evident in the implementation of the European legal framework for LBS, in which Member States have integrated applicable European Union Directives in alternative ways, resulting in varied coverage and distinct difficulties in the respective nations, as demonstrated in a report by the FIDIS Consortium (FIDIS, 2007).

The importance of context to regulatory and public policy discussions is not restricted to the jurisdictional issues but is also apparent in sub-contexts. For example, Marx (1999, p. 46) identifies “setting” as being of particular importance in terms of LBS usability contexts. That is, a location-monitoring solution that aids a skier in the event of an avalanche is perceived in a different light to the same device being covertly installed in an individual's vehicle. To form the foundations for a context-based investigation of LBS regulation in Australia, the Australian regulatory framework for LBS is presented in this section.

The present regime in Australia is comprised of and dominated by a collection or patch-work of federal and state-based laws that relate – albeit to varying degrees – to diverse aspects of LBS, in addition to numerous industry-based codes that seek to protect the interests of consumers and organisations. With respect to legislation, federal laws relating to privacy (Cho, 2005APF, 2007ALRC, 2008Rodrick, 2009), telecommunications(APF, 2007Nicholls and Rowland, 2007Nicholls and Rowland, 2008a,bRodrick, 2009), surveillance (APF, 2007ALRC, 2008Rodrick, 2009VLRC, 2009Attorney General's Department, 2011Michael and Clarke, 2012) and national security/anti-terrorism apply (Rix, 2007VLRC, 2009Attorney General's Department, 2011Michael and Clarke, 2013). With respect to self-regulatory schemes, industry-based guidelines such as those developed by Communications Alliance and the Australian Mobile Telecommunications Association (AMTA) are of significance. The respective approaches are now examined in greater detail.

Author of Geographic Information Systems and the Law: Mapping the Legal Frontiers(1998) and Geographic Information Science: Mastering the Legal Issues (2005) is GIS and legal scholar, George Cho. Both of Cho's works analyse the legal implications of geographic information and related technologies. In the first book, Cho (1998, pp. 27–28)explains that an elementary appreciation of the legal and policy challenges associated with GIS requires disaggregation of the terms geographic, information, and systems to define issues within individual themes. The author claims that information (and data) are central to these challenges (p. 28) given their ability to “be beneficial or detrimental to individuals, groups and ultimately to society at large” (p. 31) and to symbolise various power relations (p. 130). The “double-edged” nature of GIS simultaneously grants access while also enabling abuse and invasion of privacy (p. 131), thus requiring a policy response that may be enacted through “education of the public, facilitation, regulation and the provision of incentives” (p. 166). In sketching the LBS regulatory framework throughout this paper and considering the available regulatory choices, it is crucial to be mindful of this “double-edged” nature of LBS, specifically that LBS applications and devices can enable constructive uses on the one hand and simultaneously facilitate less desirable uses on the other.

In Cho's second book (2005, pp. 17–18) he advances the discussion by outlining the intricacies characterising GIS-related policy development given the multitude of actors, the abundance of applications and the rise in m-commerce and geo- or g-commerce services. Providing introductory material relating to policy, law and the relationship between the latter and GIS, Cho maintains that policy challenges are of equivalent value to technical considerations associated with geographic information access, implementation and usage (p. 27). With respect to GPS, and tracking more specifically, the author asserts that policy debates are generally concerned with privacy and human rights violations (p. 44). The privacy threat is largely the effect of “the new inferences that may be obtained by correlating geographic information with personal information” (p. 211). In Australia, the privacy threat and its varying implications fall within the scope of a regulatory framework that has been described as “ad-hoc”, entailing approaches such as legislation and self-regulation that aim to safeguard personal and information privacy (p. 217). The framework is based on existing legal safeguards that aim to protect public and private sector handling of information in accordance with a collection of privacy principles (p. 257), notably, the Privacy Act 1988 (Cth) (see also, Privacy Amendment (Private Sector) Act 2000 (Cth); Morris, 2010). For a comprehensive listing of privacy-related legislation, including state-based laws omitted from this paper, see Clarke (2010) and APF (2007).

3.1. Privacy legislation

The Privacy Act 1988 was amended in November 2012 to introduce the Australian Privacy Principles (APP). These principles come into effect in March 2014. The APPs are a single set of principles that apply to both agencies and organisations, which are together defined as APP entities. While the APPs apply to all APP entities, in some cases, they impose specific obligations that apply only to organisations or only to agencies. The APP concerning anonymity or pseudonymity (APP 2) and cross-border disclosure (APP 8) will have an impact on LBS providers. The APPs extend the existing obligations on data collection to rebalance the rights of collectors of personal information and an individual's right to privacy. There are also stricter controls on the collection and use of sensitive information.

The Office of the Australian Information Commission (OAIC) offers further information about the APPs which cover sensitive personal information handling (OAIC, n.d.). The Privacy Act 1988 defines ‘sensitive information’ as: “information or an opinion about an individual's: (i) racial or ethnic origin; or (ii) political opinions; or (iii) membership of a political association; (iv) religious beliefs or affiliations; or (v) philosophical beliefs; or (vi) membership of a professional or trade association; or (vii) membership of a trade union; or (viii) sexual preferences or practices; or (ix) criminal record; that is also personal information” (Part II, Section 6). Sensitive information can also encompass health and genetic information. In the context of the Privacy Act 1988, personal information refers to “information or an opinion (including information or an opinion forming part of a database), whether true or not, and whether recorded in a material form or not, about an individual whose identity is apparent, or can reasonably be ascertained, from the information or opinion” (Part II, Section 6).

It has been argued that the major dilemma in relation to LBS, location privacy and existing legislation is that the location of an individual may not necessarily be regarded as sensitive personal information. However, the obligations under the Privacy Act 1988 in respect to personal information under the APP are relatively onerous. It has been argued that processed LBS data presents sizeable privacy implications (Cho, 2005, p. 258).

The 2012 amendments to the Privacy Act 1988 were guided by The Australian Law Review Commission's (ALRC, 2008) report entitled For Your Information: Australian Privacy Law and Practice. This took into account submissions such as the policy statement by the Australian Privacy Foundation (APF) on “the use of positional data relating to mobile devices as a means of locating and tracking the individuals carrying them” (APF, 2011). That is, current government policy is that the privacy legislation in Australia deals with LBS-related privacy concerns at the federal level. One state, Victoria, has attempted to address these issues through human rights legislation (Michael and Clarke, 2012, pp. 4–5).

3.2. Telecommunications legislation

Location data is not, however, only subject to privacy legislation but also falls within the scope of the Telecommunications Act 1997 (Cth) and the Telecommunications (Interception and Access) Act 1979 (Cth). These laws collectively deal with telecommunications content and data interception, disclosure and use. The Telecommunications Act 1997 prohibits the disclosure and use of telecommunications metadata and telecommunications content. This prohibition is clarified in section 275A to include location information and a limited exemption to this prohibition for the purpose of providing “location dependent carriage services” is given in section 291A. However, there is no immunity provided for LBS which do not have a carriage component.

Relevant to this discussion, the ALRC's report outlines the interaction between the Privacy Act 1988 and the Telecommunications Act 1997 noting that both laws aim to regulate privacy and various forms of information (ALRC, 2008). The Privacy Act relates to safeguarding personal information, while Part 13 of the Telecommunications Act “regulates the use or disclosure of information or a document” (ALRC, 2008, p. 2381). The review, questions whether both privacy regimes are required, outlining a number of differing stakeholder opinions (ALRC, 2008, pp. 2385–8). Furthermore, it concludes with the opinion that while there is observable “merit in the promulgation of telecommunications privacy regulations under the Privacy Act to regulate the handling of personal information” (ALRC, 2008, p. 2388), “both the Telecommunications Act and the Privacy Act should continue to regulate privacy in the telecommunications industry” (p. 2389), however, the exchange between the two laws requires clarification (p. 2391). It would have been feasible, if it were government policy, for the amendments to the Privacy Act that were made in 2012 to have a set of consequential amendments to other legislation such as the Telecommunications Act 1997. The absence of such an amendment implies that there is no policy imperative requiring such a change.

The Telecommunications (Interception and Access) Act 1979, on the other hand, is intended “to protect the privacy of personal communications by generally prohibiting interception of those communications, subject to limited exceptions in which privacy is outweighed by other considerations”, and functions alongside Part 13 of the Telecommunications Act 1997 (Nicholls and Rowland, 2007, pp. 86–87). However, the Telecommunications (Interception and Access) Act 1979 does not have the objects of the Telecommunications Act (Nicholls and Rowland, 2008a, p. 349). Significantly, the Telecommunication (Interception and Access) Act 1979 generates three regimes for intercepting telecommunications content and data. The first deals with communications metadata (including in real time), the second with stored communications, and the third is concerned with the content of communications itself (Rodrick, 2009, pp. 376–378). The regulatory framework for this legislation can be analysed by using the European Telecommunications Standards Institute (ETSI) approach set out in TS 101 671. This sets out three handover interfaces that relate to (in ascending order): the relationship between the communications operator and the law enforcement agency; the request for and delivery of communications metadata; and the request for and delivery of communications content. This is depicted in Fig. 2.

Fig. 2. Interaction between communications operators and law enforcement agencies.

In Australia, there is an obligation on all communications providers (carriers and carriage service providers) to provide assistance to law enforcement agencies. Handover Interface 1 does this by legislation and by contract with law enforcement agencies in the case of the largest carriers. Handover Interface 2 is used for the delivery of communications metadata and this does not require a warrant (Rodrick, 2009, p. 384). The absence of a requirement for a warrant in Australia and merely consideration of the target's privacy expectations in the case of real-time metadata is unusual (Nicholls, 2012, p. 49). Communications content, either stored or being carried across a network is delivered over Handover Interface 3 in response to a warrant.

Relevant to LBS and this paper, it is crucial to determine the extent to which location information falls within the scope of federal telecommunications legislation, specifically the Telecommunications (Interception and Access) Act 1979. Of particular value is ascertaining whether location information signifies telecommunications data, in which case the implications for disclosure to and access by specific agencies is great given that such data may then be lawfully “disclosed to ASIO and law enforcement agencies without a warrant and without any independent oversight” (Rodrick, 2009, p. 391). In an article titled Regulating the Use of Telecommunications Location Data by Australian Law Enforcement AgenciesNicholls and Rowland (2008b, p. 174) argue that telecommunications data, or the metadata relevant to communications including location details, are increasingly being provided to law enforcement agencies in the absence of a warrant. The authors also note that an oversight process is lacking, a situation that is inconsistent with European and US models (Nicholls and Rowland, 2008b, p. 181).

That is, Australia “appears to be isolated in its approach of placing the power to have location metadata supplied on a prospective basis to law enforcement agencies” (Nicholls and Rowland, 2008b, p. 181). This is exceedingly problematic given that a definition of telecommunications data is non-existent in the legislation (Nicholls and Rowland, 2008b, p. 174) and that a certain degree of ambiguity is required in incorporating future technologies (p. 179). However, this is likely to result in issues whereby the agencies seeking location data are able to independently control the definition or the type of metadata requested (Nicholls and Rowland, 2008b, p. 180). Thus, agencies are lawfully able to access location data on a prospective basis. This ability for close to real-time access of location data will facilitate “live tracking” (Nicholls and Rowland, 2008b, p. 176).

As examined earlier in reference to federal privacy legislation, the (privacy) risks are intensified with increases in accuracy and greater use of mobile devices for tracking purposes, further questioning the suitability of present telecommunications legislation in Australia, especially given the capability for telecommunications data to be accessed without a warrant and devoid of an “independent oversight” process (Rodrick, 2009, p. 404). There has been a push for more rigorous safeguards, summarised succinctly by Rodrick (2009, p. 407): “In light of the fact that prospective location information is tantamount to surveillance, access to it should be procured only via a warrant, and, as is the case with the interception and stored communications regimes, in deciding whether to issue a warrant, the issuing authority should be required to have regard to the degree to which the privacy of a person would be interfered with”.

3.3. Surveillance legislation

The use of surveillance devices is generally prohibited under the laws of the states and territories in Australia. Each state and territory prohibits the use of tracking devices and then provides an exception to the prohibition for law enforcement agencies. A tracking device is usually defined to mean “any electronic device capable of determining or monitoring the location of a person or an object or the status of an object”. That is, an LBS device would generally be prohibited under state law if it was used for surveillance. However, if the person being tracked by the device was aware of the tracking then the use of the device would not be prohibited. Example LBS tracking devices could include smart phone-based location-monitoring solutions and dedicated data logging devices that may be mounted to a particular surface or wired into a vehicle.

The state-based exceptions refer to the law enforcement agencies of that state. As a result, the Surveillance Devices Act 2004(Cth) was introduced to provide a regime that permitted the use of surveillance devices (including tracking devices) across state and territory boundaries. The Surveillance Devices Act 2004 sets out the process through which warrants, emergency and tracking device authorisations can be obtained in relation to surveillance devices for law enforcement and other purposes (Attorney General's Department, 2011). Part 1, Section 6 of the act presents a number of definitions important for this article: “data surveillance device means any device or program capable of being used to record or monitor the input of information into, or the output of information from, a computer, but does not include an optical surveillance device…device includes instrument, apparatus and equipment… surveillance device means: (a) a data surveillance device, a listening device, an optical surveillance device or a tracking device; or (b) a device that is a combination of any 2 or more of the devices referred to in paragraph (a); or (c) a device of a kind prescribed by the regulations… tracking device means any electronic device capable of being used to determine or monitor the location of a person or an object or the status of an object.”

Michael and Clarke (2013) note that law enforcement agencies, in particular, may utilise LBS for personal and mass surveillance, which are often justified as means of maintaining security, despite the lack of an adequate judicial process in some cases.

The Victorian Law Reform Commission (VLRC) published a consultation-based report on the subject of Surveillance in Public Places (VLRC, 2010). While the report is largely state-focused, it covers many aspects relevant to this investigation and discusses limitations in current surveillance laws and the need for “modernising” existing state-based legislation (refer to Chapter 6 of the report). With specific reference to the Surveillance Devices Act 2004, the VLRC's accompanying consultation paper specifies its applicability to national security and surveillance efforts, explaining that the federal law does not seek to overrule state-based legislation (VLRC, 2009). In combination with the Telecommunications (Interception and Access) Act 1979, the Surveillance Devices Act 2004 does, nevertheless, intend to “provide enforcement and national security agencies with significant investigative tools, including the ability to obtain warrants to intercept communications, obtain access to stored communications, install and use surveillance devices, and to obtain access to telecommunications data while still protecting the privacy of individuals” (Attorney General's Department, n.d.).

While the federal Surveillance Devices Act 2004 generally requires a warrant for surveillance, Sections 37–39 of the legislation indicate the conditions or circumstances under which a warrant is not required. Explicitly section 39 outlines the provisions in relation to tracking devices; that is: “(1) A law enforcement officer may, with the written permission of an appropriate authorising officer, use a tracking device without a warrant in the investigation of a relevant offence” and “(3) A law enforcement officer may, with the written permission of an appropriate authorising officer, use a tracking device without a warrant in the location and safe recovery of a child to whom a recovery order relates”. A tracking device can also be used by a law enforcement agency without a warrant if there is now requirement to enter premises or a vehicle (for example, by installing a magnetically mounted GPS device).

Additional rules relating to the authorisation also apply. For example, the authorisation must specify the period of validity, which should not exceed 90 days (section 39 (7)). It is clear that there are situations in which a location-enabled tracking device may be lawfully deployed, utilised and retrieved by certain law enforcement agencies. In cases where personal information has been collected using such surveillance devices, the Privacy Act 1988 will then apply.

3.4. National security and anti-terrorism legislation

Federal anti-terrorism laws also grant organisations, notably ASIO and the Australian Federal Police (AFP), the facility to conduct surveillance activities and gather information believed to be in the interest of national security. For example, The Australian Security Intelligence Organisation Act 1979 (Cth) enables ASIO to gather information considered to be of value in the deterrence of an act of terrorism (Attorney General's Department, 2011). ASIO is specifically granted the ability “to obtain a warrant to detain and question persons (who do not themselves have to be suspected of terrorism offences) in order to gather intelligence related to terrorist activity” as a form of preventative measure (Rix, 2007, p. 104). The Criminal Code Act 1995 (Cth), grants the AFP powers relating to questioning and surveillance (VLRC, 2010, p. 21). It also covers procedures relating to court orders, detention, questioning and search, and the collection of information and documents (Rix, 2007, p. 106). The implications of these pieces of legislation in particular, and the extent to which they apply to LBS, surveillance, tracking and location information have not been sufficiently examined and remain unclear. It has previously been suggested that these laws fail to protect human rights (Rix, 2007, p. 107), and with respect to the ASIO Act, the government has “unquestioningly granted powers to national security agencies to use location technology to track citizens”, justifying surveillance as a necessary means of ensuring Australians are protected from terrorist threats (Michael and Clarke, 2012, p. 2).

3.5. Industry guidelines for location-service providers

The LBS regulatory framework in Australia is not limited to legislation, but also includes self-regulation in the form of industry guidelines. The main industry body for all telecommunications operators in Australia is Communications Alliance. Its Guideline G557:2009 Standardised Mobile Service Area and Location Indicator Register, uses a coarse LBS to identify the geographic location of calls from mobile and nomadic devices to the emergency services.

Guidelines have also been released by the Australian Mobile Telecommunications Association (AMTA). AMTA is “the peak industry body representing Australia's mobile telecommunications industry” (AMTA, n.d.). In 2010, AMTA released guidelines intended for location-service providers (LSP) to mitigate the threats associated with misuse of passive LBS (AMTA, 2010, p. 4), which are services that do not rely on active participation by the user once initial consent has been granted (p. 5). The guidelines were developed by AMTA's working party that comprised major stakeholders in Australia, including Nokia, Optus, Telstra and Vodafone Hutchison Australia (AMTA, 2010, p. 26), providing an example of the self-regulation approach in practice. Although AMTA's guidelines were built on the NPPs and other relevant legislation (AMTA, 2010, p. 5), by April 2013 they had not been updated to reflect the amendments to the Privacy Act. The guidelines document also encourages compliance with relevant Australian laws (AMTA, 2010, p. 17) including a selection of those identified throughout this paper.

In theory, industry guidelines are significant in that they are a form of self-regulation aimed at addressing regulatory concerns, such as the risks associated with LBS usage, without the need for legislative action. As such, they form a crucial component of the LBS regulatory framework. AMTA's guidelines represent the industry's effort to ensure consumer privacy protection and safety when utilising available LBS applications – yet they have not been amended to reflect legislative change in the privacy arena. It is noteworthy that the industry-based self-regulation approach has its critics. For instance, Cho (2005, p. 236) himself claims that while self-regulation affords flexibility to industry stakeholders and symbolises a proactive approach to privacy concerns, it may by the same token be perceived an inadequate safeguard. In the context of AMTA's guidelines, Michael and Clarke (2012, p. 5) are similarly critical of the efficacy of self-regulation, claiming that industry guidelines and codes are typically “a political tool to avoid regulation.”

4. Discussion: validating the Australian framework

4.1. Summarising and sketching the LBS regulatory framework in Australia

This paper serves to sketch the current LBS regulatory framework in Australia, identifying the components comprising the overall framework, as summarised in Fig. 3. Section 3demonstrated that the LBS regulatory framework in Australia is largely dominated by legal and industry-based regulatory approaches, in particular, commonwealth-based (federal) legislation and self-regulatory mechanisms applying across Australia. The extent to which each regulatory tool applies to LBS and location data was also covered.

Fig. 3. Components of the current LBS regulatory framework in Australia.

A number of issues inevitably emerge upon closer examination of the current LBS regulatory framework in Australia. With regards to privacy legislation, it was noted that (location) information derived from LBS solutions might or might not be personal information and is unlikely to be sensitive personal information. The Privacy Act may not cover the data. Regarding Australian telecommunications legislation, location data may not specifically be classed ‘telecommunications data’ in all circumstances. The location dependent carriage service introduces ambiguity regarding definitions. The state-based prohibition on the use of tracking devices means that the provision of LBS will require explicit permission of the users of an LBS device. This is similarly the case with respect to surveillance legislation, in which tracking devices can be deployed for surveillance purposes, and without a warrant, in specific situations as outlined in the federal legislation. The implications of this lawful but covert deployment of tracking devices are yet to be fully explored. Correspondingly, national security legislation grants increasing powers to various agencies to monitor individuals under the guise of maintaining national security and protecting the interests of Australian citizens. The legal mechanisms that apply to LBS require further review, as they fail to adequately cover various aspects relevant to LBS and location data and the laws are not necessarily consistent or matching. However, opportunities for policy implementing such a review have not been seized in recent legislative change.

Similarly, industry-based guidelines are lacking in their coverage of LBS. For example, AMTA's guidelines merely cover passive LBS or those that do not require user input once initial consent is given. This is not surprising as industry bodies self-regulate a narrow group. Self-regulation is poor at involving users and other industry representatives. Supplementary to these individual issues, it is essential at this point to validate the Australian regulatory scheme in view of the conceptual framework defined earlier in this paper, in order to identify the broad challenges that surface in examining the existing framework, summarised in Table 1.

Table 1. Validation of the LBS regulatory framework in Australia.

Challenges/considerations | Validation | Areas for improvement

Technology-specific versus technology-neutral

Australian framework is largely technology-neutral (with exception of industry guidelines) and is not LBS specific.

- Subordinate legislation and regulation could be extended to cover specifics of LBS and location data.

- This may necessitate continual review of regulatory settings as LBS solutions and underlying technologies evolve.

Legislation versus self-regulation

Existing framework draws on combined legal and industry-based approach to regulation, which allows for both government and industry involvement. However, self-regulation is a characteristic of telecommunications and not privacy legislation.

- Self-regulation is created by narrow industry groups and is lacking in its involvement of users.

- There could be closer collaboration between industry and government.

- Drawbacks of current regulation and industry-based tools identified in this paper should be addressed

Multiple and competing stakeholder interests

Government and industry have largely established the current Australian framework for LBS. However, it lacks a stronger level of collaboration and user involvement.

- Collaboration and consultation are crucial in the regulatory process to ensure stakeholder representation.

- Users, in particular, must be encouraged to participate.

- Individual stakeholders in government, industry and user segments should be identified and approached.

Flexible regulatory structures

Legislation in the present framework is not particularly flexible and does not easily cater for LBS solutions in the marketplace or any future developments. Subordinate legislation is more flexible.

- Technology-specificity is required to incorporate LBS and location data into subordinate legislation.

- Industry-based tools should be continually developed and should be adaptable to technological developments.

4.2. Validation: extent to which the existing framework is specific to LBS

When considering the technology-specific versus technology-neutral debate in light of the LBS regulatory framework in Australia, it is evident that the current framework entails largely technology-neutral elements. This suggests that the framework fails to account for the specifics of LBS in that it does not adequately account for location data. This generates a risk that concerns, unique to LBS, will be overlooked in the Australian context. Technology-neutrality creates ambiguity in definitions, as can be seen in the case of the Australian privacy and telecommunications legislation in particular. However, as Australian government policy has consistently adopted technology-neutral legislation, the focus of change needs to be on subordinate legislation and self-regulatory mechanisms. The absence of an appropriate regulatory environment for LBS is undesirable from the perspective of all stakeholders, particularly individuals. The existing framework requires further provisions for LBS and location data, and it is therefore expected that legal and industry-based regulatory mechanisms will require continual review in the present technological landscape that is dominated by constant developments in both underlying technologies and emerging (and novel) usability contexts.

4.3. Validation: value of existing legislative and self-regulatory mechanisms

The Australian regulatory framework for LBS demonstrates a combined approach to regulation, in which legal and industry-based mechanisms are concurrently implemented. It is often believed that the combined approach allows for the specifics of a given technology to be better incorporated, especially at the industry level and via self-regulatory mechanisms. The Australian initiative led by AMTA can be perceived as a move towards increased industry involvement and representation, and an attempt to avoid unnecessarily stifling the LBS industry. The concern, however, lies in the limitations of self-regulation and the consequence that the guidelines are narrow in their scope and their coverage of a wide range of LBS solutions. In terms of legislation, the specific drawbacks of existing laws have been identified, requiring a review of federal legislation to ensure their applicability to LBS and that the laws are consistent and corresponding. Furthermore, closer collaboration between government, industry and users would improve the legal and industry-based mechanisms in the current framework. That is, government and other stakeholders need to be involved in industry-based processes. This type of co-regulation reduces the negative impacts of self-regulation allowing industry to impart feedback, which informs legislative processes. Importantly, consumers have an opportunity to express ‘real-world’ concerns that would directly support both legislative and co-regulatory processes.

4.4. Validation: degree to which stakeholder interests are accounted for

While government and industry perspectives have somewhat been represented in the existing framework, further collaboration is required to account for the views of users. Furthermore, individual stakeholder types must be identified within the government, industry and user segments and collaboration of individual stakeholders must be encouraged to ensure that all interests are represented in the regulatory process. In the Australian context, collaboration and consultation with a wide range of LBS value chain stakeholders in lacking, but is essential in order to incorporate multiple and competing stakeholder interests.

4.5. Validation: level of flexibility

The Australian legislative framework does not provide a flexible regulatory structure. That is, the legislation is out-dated with respect to LBS and existing provisions do not naturally enable the absorption of new LBS solutions and features. It is suggested that a higher degree of technology-specificity is required in subordinate legislation, given the unique characteristics of LBS and location data which do not always fall within the scope of current definitions. However, this approach must be carefully constructed to ensure that the chosen regulatory mechanisms are adaptable as the technology evolves. In combination with considered co-regulatory tools and guidelines that have been developed in an objective manner, this should ensure a degree of flexibility, given that regulatory systems can adapt more quickly than legislative systems.

4.6. Future research and extending the Australian framework

This paper has set the groundwork for understanding the nature and extent of the LBS regulatory framework in Australia by sketching the components of the existing scheme and defining the extent to which the respective elements apply at the federal level. It has additionally set out the regulatory and public policy context within which the framework exists and the challenges that demand a certain degree of sensitivity by presenting a conceptual framework for analysing LBS regulation. It is recommended that future studies: (a) utilise the conceptual framework as a means of measuring the validity of a given regulatory framework in a specific setting, and (b) employ the defined Australian framework as the basis for examining the need for LBS regulation in Australia and understanding the manner in which LBS regulation should be implemented.

The Australian framework presented in this paper can be further extended as part of future work. Explicit areas for prospective research include: (a) broadening the scope of the framework to account for state-based legislation and additional industry-based mechanisms, (b) encouraging a greater focus on cross-cultural comparisons by comparing the Australian case with other, more mature examples such as the European data protection regime for LBS, (c) consulting with relevant stakeholders regarding the applicability and adequacy of the Australian framework and existing regulatory measures and contrasting the results with the outcomes of the validation process presented in this paper, and (d) improving the framework based on the suggested areas for improvement.

5. Conclusion

The focus of this paper was on developing a conceptual framework for analysing LBS regulation, presenting the components of the existing Australian framework and subsequently engaging in a process of validation. The validation process indicated that the LBS regulatory framework in Australia should: (i) account more specifically for LBS and location data, (ii) better incorporate legislative, self-regulatory and co-regulatory mechanisms, (iii) encourage a higher degree of collaboration with stakeholders in the LBS value chain, and (iv) encompass a higher degree of flexibility to ensure technological developments are integrated. The benefits to be garnered from this exercise include an accurate and detailed understanding of the current framework in Australia which has allowed areas for improvement to be identified. The ensuing outcomes can be used as the basis for future research in the LBS regulation field and provide a useful starting point for determining the need for LBS regulation in Australia.

Acknowledgements

The authors wish to acknowledge the funding support of the Australian Research Council (ARC) – Discovery Grant DP0881191 titled “Toward the Regulation of the Location-Based Services Industry: Influencing Australian Government Telecommunications Policy.” The views expressed herein are those of the authors and are not necessarily those of the ARC.

References

ALRC, For your information: Australian privacy law and practice, (2008), (ALRC report 108). 12 January 2012, http://www.alrc.gov.au.ezproxy.uow.edu.au/publications/report-108

AMTA, AMTA guidelines, 24 April 2012, www.amta.org.au/files/Location.Based.Services.Guidelines.pdf (2010)

About AMTA; n.d. 21 February 2012. http://www.amta.org.au/pages/About.AMTA.

APF, Privacy laws – Commonwealth of Australia, 20 February 2012, http://www.privacy.org.au/Resources/PLawsClth.html (2007)

APF, Location and tracking of individuals through their mobile devices, 20 February 2012, http://www.privacy.org.au/Papers/LocData.html (2011)

Attorney General's Department, Australian laws to combat terrorism, 20 February 2012, http://www.nationalsecurity.gov.au/agd/www/nationalsecurity.nsf/AllDocs/826190776D49EA90CA256FAB001BA5EA?OpenDocument (2011)

Attorney General's Department. Telecommunications interception and surveillance; n.d., 20 January 2012. http://www.ag.gov.au/Telecommunicationsinterceptionandsurveillance/Pages/default.aspx.

A. Barreras, A. Mathur, Wireless location tracking, [chapter 18], K.R. Larsen, Z.A. Voronovich (Eds.), Convenient or invasive: the information age, Ethica Publishing, United States (2007), pp. 176-186

J. Braithwaite, C. Coglianese, D. Levi-FaurCan regulation and governance make a difference? Regulation & Governance, 1 (2007), pp. 1-7

P. Bridgman, G. Davis, The Australian policy handbook, (3rd ed.), Allen & Unwin, Crows Nest, NSW (2004), 198 p.

G. Cho, Geographic information systems and the law: Mapping the legal frontiers, John Wiley & Sons, Chichester, West Sussex (1998), 337 p.

G. Cho, Geographic information science: mastering the legal issues, John Wiley & Sons Inc, Hoboken, NJ (2005), 440 p.

R. Clarke, While you were sleeping… surveillance technologies arrived, Australian Quarterly, 73 (1) (2001), pp. 10-14

R. Clarke, Privacy on the move: the impacts of mobile technologies on consumers and citizens, http://www.anu.edu.au/people/Roger.Clarke/DV/MPrivacy.html (2003)

R. Clarke, PAIs in Australia – a work-in-progress report, http://www.rogerclarke.com/DV/PIAsAust-11.html (2010)

R. Clarke, M. Wigan, You are where you've been: the privacy implications of location and tracking technologies, http://www.rogerclarke.com/DV/YAWYB-CWP.html (2011)

E.B. Cleff, Effective approaches to regulate mobile advertising: moving towards a coordinated legal, self-regulatory and technical response, Computer Law & Security Review, 26 (2010) (2010), pp. 158-169

C. Cuijpers, B.J. Koops, How fragmentation in European law undermines consumer protection: the case of location-based services, European Law Review, 33 (2008), pp. 880-897

E. Dal Bó, Regulatory capture: a review, Oxford Review of Economic Policy, 22 (2006), pp. 203-225

J.E. Dobson, P.F. Fisher, Geoslavery, IEEE Technology and Society Magazine, 22 (1) (2003), pp. 47-52

A. Escudero-Pascual, I. Hosein, Questioning lawful access to traffic data, Communications of the ACM, 47 (3) (2004), pp. 77-83

A. Fenna, Introduction to Australian public policy, Addison Wesley Longman Australia Pty Limited, South Melbourne, Australia (1998), 454 p.

FIDISD, 11.5: the legal framework for location-based services in Europe, http://www.fidis.net/ (2007)

N. Gunningham, J. Rees, Industry self-regulation: an institutional perspective, Law & Policy, 19 (4) (1997), pp. 363-414

T.A. Hemphill, Monitoring global corporate citizenship: industry self-regulation at a crossroads, The Journal of Corporate Citizenship, 14 (Summer 2004) (2004), pp. 81-95

W. Herbert, No direction home: will the law keep pace with human tracking technology to protect individual privacy and stop geoslavery?, I/S: A Journal of Law and Policy, 2 (2) (2006), pp. 409-473

D.D. Hirsch, The law and policy of online privacy: regulation, self-regulation, or co-regulation? (2010), p. 1–62, http://works.bepress.com.ezproxy.uow.edu.au/dennis_hirsch/61/

I. Hosein, The collision of regulatory convergence and divergence: updating policies of surveillance and information technology, The Southern African Journal of Information and Communication, 2 (1) (2001), pp. 18-33

B.J. Koops, Should ICT regulation be technology-neutral? [chapter 4], B.J. Koops, M. Lips, C. Prins, M. Schellekens (Eds.), Starting points for ICT regulation. Deconstructing prevalent policy one-liners, IT & law series, vol. 9, T.M.C. Asser Press, The Hague (2006), pp. 1-28, (online version). p. 77–108 (original version), http://papers.ssrn.com/sol103/papers.cfm?abstract_id=918746

S. Maddison, R. Denniss, An introduction to Australian public policy: theory and practice, Cambridge University Press, Port Melbourne, Victoria (2009), 281 p.

G.T. Marx, Ethics for the new surveillance, [chapter 2], C.J. Bennett, R. Grant (Eds.), Visions of privacy: policy choices for the digital age, University of Toronto Press, Toronto (1999), pp. 37-67

K. Michael, R. Clarke, Location privacy under dire threat as uberveillance stalks the streets, Precedent (Focus on Privacy/FOI), 108 (2012), pp. 1-8, (online version) & 24–9 (original article), http://works.bepress.com.ezproxy.uow.edu.au/kmichael/245/

K. Michael, R. Clarke, Location and tracking of mobile devices: uberveillance stalks the streets, Computer Law and Security Review, 29 (2) (2013), http://works.bepress.com.ezproxy.uow.edu.au/kmichael/305/

J.B. Morris, The privacy implications of commercial location-based services, Testimony before the House Committee on Energy and Commerce, Subcommittee on Commerce, Trade, and Consumer Protection and Subcommittee on Communications, Technology, and the Internet: 1–15, http://inews.berkeley.edu/files/CDT-MorrisLocationTestimony.pdf (2010)

L.B. Moses, Recurring dilemmas: the law's race to keep up with technological change, Journal of Law, Technology and Policy, 2007 (2) (2007), pp. 239-285

L.B. Moses, Agents of change: how the law ‘copes’ with technological change, Griffith Law Review, 20 (4) (2011), pp. 763-794

R. Nicholls, Right to privacy: telephone interception and access in Australia, Technology and Society Magazine, IEEE, 31 (2012), pp. 42-49

R. Nicholls, M. Rowland, Regulating the use of telecommunications location data by Australian law enforcement agencies, Criminal Law Journal, 32 (2008), pp. 343-350

R. Nicholls, M. Rowland, Message in a bottle: stored communications interception as practised in Australia, [chapter 7], K. Michael, M.G. Michael (Eds.), The second workshop on the social implications of national security (from Dataveillance to Uberveillance and the Realpolitik of the Transparent Society), University of Wollongong, IP Location-Based Services Research Program (Faculty of Informatics) and Centre for Transnational Crime Prevention (Faculty of Law), Wollongong, Australia (2007), pp. 83-96

Nicholls and Rowland, 2008b, R. Nicholls, M. RowlandRegulating the use of telecommunications location data by Australian law enforcement agencies, [chapter 14], K. Michael, M.G. Michael (Eds.), The third workshop on the social implications of national security (Australia and the New Technologies: Evidence Based Policy in Public Administration), University of Wollongong, IP Location-Based Services Research Program (Faculty of Informatics), Wollongong, Australia (2008), pp. 173-184

H. Nissenbaum, Privacy in context: technology, policy, and the integrity of social life, Stanford Law Books, Stanford, California (2010), 288 p.

P.J. O'Connor, S.H. Godar, We know where you are: the ethics of LBS advertising, [chapter Xiii], B.E. Mennecke, T.J. Strader (Eds.), Mobile commerce: technology, theory and applications, Idea Group Publishing, Hershey, US (2003), pp. 245-261

OAIC. Privacy Act; n.d. 20 February 2012. http://www.privacy.gov.au/law/act#.

P. Ohm, The argument against technology-neutral surveillance laws, Texas Law Review, 88 (2010) (2010), pp. 1685-1713

T. Pilgrim, Speech to biometrics institute privacy in Australia: challenges and opportunities, 27 May 2010, Amora Hotel Jamison, Sydney. p. 1–29, www.privacy.gov.au/materials/types/download/9516/7089 (2010)

Privacy Act 1988 (Cth). Commonwealth of Australia; 2 February, 2012. http://www.comlaw.gov.au/Details/C2011C00503/Download.

Privacy Amendment (Private Sector) Act 2000 (Cth), Privacy Amendment (Private Sector) Act 2000 (Cth). Commonwealth of Australia; 2 February 2012. http://www.comlaw.gov.au/Details/C2004A00748/Download.

C. Reed, Taking sides on technology neutrality, SCRIPT-ed, 4 (3) (2007), pp. 263-284

M. Rix, Australia and the ‘war against terrorism’: terrorism, national security and human rights, [chapter 8], K. Michael, M.G. Michael (Eds.), The second workshop on the social implications of national security (from Dataveillance to Uberveillance and the Realpolitik of the Transparent Society), University of Wollongong, IP Location-Based Services Research Program (Faculty of Informatics) and Centre for Transnational Crime Prevention (Faculty of Law), Wollongong, Australia (2007), pp. 97-112

S. Rodrick, Accessing telecommunications data for national security and law enforcement purposes, Federal Law Review, 37 (2009), pp. 375-415

G.D. Smith, Private eyes are watching you: with the implementation of the E-911 mandate, who will watch every move you make? Federal Communications Law Journal, 58 (2006), pp. 705-726

G.J. Stigler, The theory of economic regulation, The Bell Journal of Economics and Management Science, 2 (1971), pp. 3-21

Surveillance Devices Act 2004 (Cth). Commonwealth of Australia; 2 February 2012. http://www.comlaw.gov.au/Details/C2011C00646/Download.

D. Svantesson, A legal method for solving issues of internet regulation, International Journal of Law and Information Technology, 19 (3) (2011), pp. 243-263

I. Székely, M.D. Szabó, B. Vissy, Regulating the future? Law, ethics, and emerging technologies, Journal of Information, Communication & Ethics in Society, 9 (3) (2011), pp. 180-194

Telecommunications (Interception and Access) Act 1979 (Cth). Commonwealth of Australia; 2 February 2012. http://www.comlaw.gov.au/Details/C2012C00081/Download.

(Cth)Telecommunications Act 1997 (Cth). Commonwealth of Australia; 2 February 2012. http://www.comlaw.gov.au/Details/C2012C00084/Download.

The ASIO Legislation Amendment Act 2003 (Cth). Commonwealth of Australia; 2 February 2012. http://www.comlaw.gov.au/Details/C2004A01228/Download.

The Australian Security Intelligence Organisation Act 1979 (Cth). Commonwealth of Australia; 2 February 2012. http://www.comlaw.gov.au/Details/C2011C00585/Download.

VLRC, Surveillance in public places consultation paper, Victorian Law Reform Commission, Melbourne (2009), http://www.lawreform.vic.gov.au/projects/surveillance-public-places/surveillance-public-places-consultation-paper

VLRC Surveillance in public places, Final report 18, Victorian Law Reform Commission, Melbourne (2010), http://www.lawreform.vic.gov.au/projects/surveillance-public-places/surveillance-public-places-final-report

H. Xu, H.H. Teo, B.Y.C. Tan, R. Agarwal, The role of push–pull technology in privacy calculus: the case of location-based services, Journal of Management Information Systems, 26 (3) (2009), pp. 135-173

Keywords: Location-based services, Regulation, Legislation, Law, Self-regulation, Co-regulation, Industry guidelines, Privacy, Australia

Citation: Roba Abbas, Katina Michael, M.G. Michael, Rob Nicholls, Sketching and validating the location-based services (LBS) regulatory framework in Australia, Computer Law & Security Review, Vol. 29, No. 5, October 2013, pp. 576-589, DOI: https://doi.org/10.1016/j.clsr.2013.07.014

Location-Based Services for Emergency Management: A Multi-stakeholder Perspective

Abstract

emlbs.jpg

This paper investigates the deployment of location-based services for nationwide emergency management by focusing on the perspectives of two stakeholders, government and end-users, in the cellular mobile phone value chain. The data collected for the study came from a single in-depth interview and open comments in a preliminary end-user survey. The themes presented have been categorised using a qualitative analysis. The findings indicate that although governments and end-users believe that location-based services have the potential to aid people in emergencies, there are several major disagreements over the proposed deployment. This paper is an attempt to help determine the underlying motivations and impediments that would influence the decisions of both stakeholders and also towards providing a better understanding of the anticipated role of each party in such a deployment.

SECTION I. Introduction

Location-based services (LBS) are a set of applications and technologies that take into account the geographic position of a given cellular mobile device and provide the device user with value added information based on the derived location data [1]. The conventional use of LBS in emergencies is to find the almost pinpoint geographical location of a cellular handset after a distress phone call or a short message service (SMS). The services have been recently exploited, to some extent, in several countries to complement the existing traditional emergency channels (e.g. sirens, radio, television, landline telephones, and internet) as a means to communicate and disseminate time-critical safety information to all active cellular handsets about unfolding events, even post the aftermath, if the handsets are in the vicinity of a pre-defined threat zone(s) [2]. LBS applications have shown the potential to be a valuable addition in emergency management (EM), particularly, when they are utilised under an all-hazards approach by the interested government agencies.

This paper investigates the perspectives of two pivotal stakeholders in the LBS value chain, namely the prospective user and the government, about the use of the services for the purposes of EM and public warning. The investigation is expected to provide an understanding about the perceived benefits, impediments and concerns of utilising the services into relatively new contexts, and also to shed some light on the expected role of both key players in any feasible future solution. Accordingly, this paper is among the first to examine the potential dynamics between LBS stakeholders, specifically, in the realm of emergencies.

SECTION II. Methodology

This research was conducted using two methods of data collection. The first method was to use a traditional paper survey. Six hundred surveys were randomly distributed by hand to mailboxes in the city of Wollongong, New South Wales, Australia, in November, 2008. Although, this traditional approach is costly, time-consuming and demands a lot of physical effort, it was favoured as it is more resilient to social desirability effects [3] where respondents may reply in a way they think it is more socially appropriate [4]. Beside a basic introduction of location-based services and emergency management, the survey provided the participants with four vignettes; each depicting a hypothetical scenario about the possible uses of LBS applications for managing potential hazardous situations. The scenarios cover specific related topics to emergencies such as an impending natural event, a situation where a person is particularly in need of help, and a national security issue. Two of the vignettes were designed to present location-based services in a favourable light, and the other two vignettes were designed to draw out the potential pitfalls. Through the use of vignettes, participants were encouraged to project their true perceptions about LBS while, at the same time, involved with creating a meaning related to the potential use of the services in extreme events. This was highly important to establish among participants before starting to obtain informed responses from them, especially, when the utilisation of location-based services in the realm of emergency management is still in its nascent stages worldwide.

The survey which predominantly yielded quantitative results also included one open-ended question in order to solicit written responses from the participants. Despite the fact that only 14 respondents wrote hand-written comments, it should be noted that the primary goal of the open-ended question technique was to understand the solution as perceived by the respondents and not to aggregate their responses for any quantitative representation. Therefore, the number of written responses was sufficient to fulfil the requirements of the content analysis.

The second method was to use a semi-structural interview. The interview was conducted with an official from a leading government emergency services department in Australia. The interview was conducted in November, 2008. The main objectives of performing the interview were to:

  • Explore the government's perspective regarding the various LBS technologies being considered for emergency management.
  • Define the potential role of the government in any nationwide feasible LBS-dependent solution.
  • Gain an understanding of the potential impediments, if any, to the government's decision for adopting location-based services solutions.
  • Investigate the government's understanding and position on matters pertaining to information control and privacy concerns, in relation to nationwide deployments of location-based services in emergency management.

The initial focus was to get an understanding of the similarities and differences in opinions, attitudes and sentiments of individual survey participants. Once that was done, a constructed list of extracted unique keywords was generated and then used to combine the points of view thematically. The same list was also used in the discovery of comparable themes within the interview data. This helped to ensure that the discovered themes from both methods are grounded in specific contexts related to the research being conducted [5].

The themes are presented in two sections by stakeholder type: i) the prospective user, and ii) the government. A discussion is then made based on a cross-theme analysis of the two stakeholders.

SECTION III. The Prospective User

The individuals' willingness to accept LBS technologies and applications could, essentially, determine the likelihood for success in the introduction of LBS solutions for emergency management. This research discerned the need to directly elicit peoples' opinions about the consequences of such an introduction in order to have a preliminary understanding and feel for the concerns and issues prospective users might have before the actual deployment of emergency management solutions using location-based services. The following extracted themes have been categorised based on a qualitative analysis of respondents open comments.

A. The role of the government as perceived by the prospective user

The government is perceived to have a multidisciplinary role that includes provisioning, funding, maintaining, and regulating services related to civil society. Technologies like location-based services have the potential to serve the public, and their adoption and development should be highly advocated among strategic decision-making circles. With respect to LBS offerings, strict legislation should also be introduced by the government to explicitly define the legal liability, for example, in the case of a service failure, or information disclosure accidentally or deliberately.

B. Privacy concerns

In the context of LBS, privacy in the government context mainly relates to the personal locational information of individual citizens and the degree of control in which a government can exercise over that information. Such information is regarded highly sensitive, so much so, that when collected over a period of time inferences about a person could be generally made [6]. Accordingly, privacy concerns may originate when individuals become uncomfortable with the collection of their location information, the idea of its perennial availability to other parties, or the belief that they have incomplete control over that collection.

The traditional commercial uses of LBS have long raised concerns about the privacy of the users' location information [7]. The same issues arise within the context of emergencies. Survey respondents expressed genuine concerns about the possibility of being tracked constantly even during an emergency. This specific note is quite interesting to mention as it raises again the argument of whether or not individuals are willing to relinquish their privacy for the sake of continuous safety and personal security [8]. Another concern expressed was that location information could be used for other purposes besides a given emergency context. Such unauthorised secondary use of the collected information has been discerned in the literature as one of the main privacy concerns that also include excessive location data collection, errors in storage and improper access of the collected data [9]. The last concern conveyed by respondents was that information could be gradually spread or shared with third parties, who are not pertinent to the government's emergency organisations, without explicit consent from the LBS user.

C. The Price of the Services

Some respondents perceived the price of location-based services to be expensive, especially in the context of emergency management. One respondent was adamant that they would not be willing to pay in exchange for using location-based services in an emergency, believing it was a public right. This may suggest that the usage context may have little to do with impacting an individual's decision to use location-based services. Nonetheless, a more rational explanation is that respondents may have a lack of awareness and appreciation of the associated benefits.

In general, the comments suggested that the fees should be borne by the government through the allocation of taxes gathered from the working population, to cover the costs of providing and maintaining vital civic services.

D. Assurance of control mechanisims

One emphasis in the respondents' comments was the need to assure the prospective user's control over who would collect the information, how the location information would be collected, who would have access to that information, where the information would be stored and for how long, and what information would be kept after the occurrence of an emergency incident. For example, it is envisaged that such data would be extremely vital in coronial inquests post natural or human-made disasters. In the state of New South Wales, in Australia, for instance, coroners are exempt from privacy laws and can legitimately gain access to medical records, financial transaction data and even telecommunications records. As a result, a need to create safeguards to protect users' right to control their personal location information was profound among respondents.

Zweig and Webster [10] argued that individuals would accept a new technology, if they perceived to have more control over their personal information. Therefore, an important issue concerns the potential use of location-based services in emergencies, is how the users perceive the most dependable safeguard that is capable of protecting their location information, thus alleviating any concerns they might have to begin with.

Xu and Teo [11] have defined several control mechanisms in order to alleviate similar concerns. One mechanism is the technology self-based assurance of control, which refers to the ability of the LBS user to exercise a direct control over his/her location information via the technical features of the LBS device. For example, a user can determine when to opt-in or to opt-out from a service or can define the preferred accuracy level to which the solution provider is able to track his/her handset. This has been expressed in one of the respondent's suggestions of having some technical features in the handheld device itself in order to be able to “switch on/switch off” the location-based service anytime.

Another assurance of control is a mechanism that is institution-based via legislation. In this case, relevant government laws and regulations exist within the legal system to ensure the proper access and use of the personal locational information [11]. Forces in power (i.e. in this context, government agencies tasked with emergency response) could exercise proxy control over the location information on behalf of the user in the case of an emergency. However, the control should be safeguarded by the assurance that unauthorised behaviours will be deterred through the legal system in use. One respondent actually advocated the idea of introducing explicit relevant legislation, before presenting the services to the public, as it would provide powerful and foolproof safeguards for protecting users' control over their private information.

E. The usefulness of the services

The frequency of emergencies and natural and human-made disasters, and the highly unanticipated nature of such extreme events present opportunities for initiatives based on LBS solutions as a promising and a valuable addition to the existing utilised approaches for managing all identifiable hazards and their possible aftermaths. However, for any initiative proposed usefulness is a principle reference point for judging its suitability to people. If people do not perceive any usefulness behind LBS for emergencies, then it is most likely that they would not consider the use of the services. The comments from the respondents overwhelmingly perceived LBS to be highly useful in emergency situations. One suggestion is that the technology should be utilised for emergency purposes only as their usefulness in such situations far outweigh any privacy concerns they might raise. However, most of the respondents perceived a potential for LBS to be utilised as an important medium to assist communities in emergencies beside their obvious practical possibilities for commercial application as well.

SECTION IV. The Government

Former worldwide experiences have clearly revealed the indispensable role of the government in emergencies since only governments usually have the capabilities to fund and control the financial, human and technical resources needed to managing such situations. As a result, it could be argued that the realisation of a consistent LBS solution for emergency management would be highly conditional upon perceiving the government as the main stakeholder and as a proponent of the services. The following extracted themes represent a “framework of meanings” elicited from the interviewee. The interviewee is an official from a leading emergency services government department in Australia.

A. The role of the prospective user as perceived by the government

Being the focus of the LBS solution, an expected role of the prospective citizen user will not only to be as a mere recipient of the warning message sent by the government but also as the initial point of safety information to others as well. The recipients would have the responsibility to act and convey the warning message to the people who are effectively within their care at the time of the event (e.g. the elderly, the children, the disabled, and the sick). Another example could be a manager of a shopping centre where there is a potential for a large gathering of people in one place, and that place of interest is within the defined emergency area.

B. Where does LBS fit among the existing emergency management solutions?

The European Telecommunications Standards Institute (ETSI) has defined two types of location-based emergency service applications [12]. The first is initiated by the individual in the form of a distress mobile phone call or SMS. In these cases, the telecommunications carriers are obliged to provide information regarding the location of the originated call or message within accuracies between 50 to 150 metres. This service is known as wireless E911 in the United States and E112 in the European Union. The second type of LBS applications are initiated by the solution provider in which alerts, notifications, or early public warnings are disseminated (pushed) to all active handsets, which are within a predefined threat area(s) at the time of the unfolding event.

From a governmental perspective, both approaches (i.e. the emergency phone call/SMS and the LBS warning system) are only two ends of the same spectrum. As a result, LBS solutions for public warning are perceived as an additional extension of the existing emergency and warning systems. Accordingly, the same organisations and agencies handling the conventional inbound emergency phone calls should be assigned the responsibility of handling the LBS emergency public warning system.

C. The perceived benefits of LBS for EM

Location-based services have the potential to act as the primary source of safety information. They can also be utilised to point people in the direction of other safety information channels. The messages delivered through the LBS solution could be the initial warning the public receive if they are within the area that is likely to be affected at that time. Once the message is received, people could then turn into other forms of media, such as television or the radio, for more information.

Through providing people with early safety information, the LBS solution may have the potential to save lives by allowing the individuals to make more informed decisions; thus putting them into a safer position. It should be noted here however that even with such powerful applications, it is government policy during emergencies such as bushfires that still override the capabilities of the new technologies. A technology may be fully functional however, the stance taken by government on what to communicate during a disaster may not be effective or even plausible.

Despite the possibilities, the fact that the cellular handsets are the most prevalent among individuals makes the LBS solutions highly valuable in emergencies. Moreover, contrary to other forms of media, LBS do not require the individual to be anchored to a device in order to receive the information. A warning message could reach all the active handsets within the threat zone, allowing people to understand that something is unfolding around them.

D. The cost of the LBS solution

As every individual has the right to be advised by the government in the case of an unsafe situation, the funding of any possible LBS solution would basically lie on the shoulders of federal and state governments. Due to the specific nature of the solution, it could not be financed through any kind of advertising or sponsoring. The cost will, essentially, depend on the final form of the solution. However, a possible impediment for the government's decision to adopt LBS for emergencies could be the cost-per-message delivered. As every message being delivered theoretically represents a commensurate revenue expectation for telecommunications carriers, long-term partnership arrangement and agreements between carriers and the government, early involvement of the carriers as a major stakeholder could partially answer the cost burden of the solution. Nevertheless, the solution will primarily rely on the practices of the telecommunications carriers and their willingness to extensively share their resources in emergencies with the government. The buy-in of carriers, especially incumbents cannot be overstated, although traditionally carriers have complied with government mandates that have been concerned with the greater good of society.

E. Privacy concerns

Due to the fact that any achievable location-based emergency warning system is meant to be only used for public safety, the privacy associated with it should not be a major issue. LBS public warning solutions are perceived as one end of a spectrum that includes the traditional emergency response services number on the other end. The same organisations will be handling the information from both systems. The sole purpose will be to identify the handset number within the emergency area at the time of the event. The number is perhaps the only mechanism by which a notification could reach the handset if the user is in an imminently dangerous situation.

Any proposed solution could neither be an opt-in nor an opt-out system. If individuals opt-out and did not receive the warning message, and then the unfortunate event occurred where they lost their lives, it would not be well received by the public. The message is provided as a means of maintaining the safety of all individuals that are within the likely affected area. Accordingly, prior consent from the prospective user will not be a prerequisite for initiating the service directly to him/her.

SECTION V. Discussion

An examination of the themes presented reveals an agreement between both stakeholders on the potential benefits of location-based services for emergency management. There is also a consensus that the solution should be funded by the government and regulated, operated and maintained by related government emergency organisations. However, a comparative analysis of the extracted themes shows several disagreements between the two stakeholder types. For example, although there was recognition of the indispensable expected role of the private sector, the prospective users expressed concerns that the telecommunications carriers may view the utilisation of the services in the domain of emergencies as a chance to raise revenue rather than being for the public interest, resulting in unsolicited commercial-based services. Other differences such as the need to address the privacy concerns and some of the design features of the recommended system have also appeared. The analysis is presented in Table 1.

TABLE 1: A COMPARATIVE ANALYSIS OF THE PERSPECTIVES OF THE STAKEHOLDERS

Technologies such as LBS have the potential to serve the public. Therefore, the adoption and the development of such technologies should be highly advocated in the higher decision-making political circles. Initiatives to involve the private sector early in the proposition of location-based services in emergency situations need to be instituted. For example, consider the Warning, Alerts, and Response Network (WARN) Act in the United States, which encourages telecommunications carriers to participate in government warning systems used to target a broad variety of media including cellular mobile phones. The act, specifically, obligates the carriers who do not wish to participate to clearly indicate it to their potential users at the point of sale [13]. In addition, strict legislation should also be put in place to explicitly define the legal liability, for example, in the case of a service failure, or information disclosure accidentally or deliberately.

As the deployment of the proposed solution could be hindered by the misconceptions people might have about the misuse of the technologies, some of the earlier differences could be partially solved by underpinning the possible deployment with a substantial educational campaign about location-based services, their limitations and their potential benefits.

SECTION VI. Conclusion

The paper investigated the perspectives of two pivotal stakeholders in the cellular mobile phone location-based services, namely the government and the prospective user, concerning emergency management solutions. The findings indicate that despite the general agreement of the massive potential of location-based solutions in emergency management, both key players have differed considerably on some of the issues raised such as the design of system and the need to address privacy concerns. A general consensus among the stakeholders is that location-based services is an important tool for disseminating relevant customised warning and safety information to people during and after emergency crises. Utilising LBS technologies could have the potential to allow people to make more informed decisions, leading them potentially into a position of safety, which will ultimately create a more resilient society towards the onslaught of extreme and unexpected events.

References

1. A. Küpper, "Location-based Services: Fundamentals and Operation", John Wiley & Sons Ltd: Chichester, West Sussex, 2005.

2. A. Aloudat, K. Michael, and Y. Jun, "Location-Based Services in Emergency Management- from Government to Citizens: Global Case Studies", in Recent Advances in Security Technology, P. Mendis, J. Lai, E. Dawson, and H. Abbass (Eds), Australian Homeland Security Research Centre: Melbourne. p. 190-201, 2007.

3. W.G. Zikmund and B.J. Babin, "Business research methods". 9th ed, Thomson/South-Western: Mason, Ohio, 2007.

4. T.D. Cook and D.T. Campbell, "Quasi-experimentation : design & analysis issues for field settings", Rand McNally College Pub. Co.: Chicago, 1979.

5. M.Q. Patton, "Qualitative Research & Evaluation Methods". 3 ed, Sage Publications: Thousand Oaks, California, 2002.

6. R. Clarke and M. Wigan, "You are where you have been", in Australia and the New Technologies: Evidence Based Policy in Public Administration, K. Michael and M.G. Michael (Eds), University of Wollongong: Canberra. p. 100-114, 2008.

7. M. Gadzheva, "Privacy concerns pertaining to location-based services". Int. J. Intercultural Information Management, 2007. 1(1): p. 49-57.

8. L. Perusco and K. Michael 2007, "Control, trust, privacy, and security: evaluating location-based services", Technology and Society Magazine, IEEE, pp. 4-16.

9. H.J. Smith, S.J. Milberg, and S.J. Burke, "Information Privacy: Measuring Individuals' Concerns About Organizational Practices". MIS Quarterly, 1996. 20(2): p. 167-196.

10. D. Zweig and J. Webster, "Where is the line between benign and invasive? An examination of psychological barriers to the acceptance of awareness monitoring systems". Journal of Organizational Behavior, 2002. 23(5): p. 605-633.

11. H. Xu and H.-H. Teo. "Alleviating Consumer's Privacy Concerns in Location-Based Services: A Psychological Control Perspective". in the Twenty-Fifth Annual International Conference on Information Systems (ICIS). Washington, D. C. 2004.

12. European Telecommunications Standards Institute. "Analysis of the short message service and cell broadcast service for emergency messaging applications". 2006; Available from: http://pda.etsi.org/pda/home.asp?wki- id=jhPgAkxRGQ2455A550@55.

13. S. Mollman. "Cell broadcasts could help avert catastrophe". 2009; Available from: http://edition.cnn.com/2009/TECH/02/05/db.cellbroadcast/ index.html?iref=intlOnlyonCNN.

ACKNOWLEDGMENT

This research was supported under Australian Research Council's Discovery Projects funding scheme (project DP0881191). The views expressed herein are those of the authors and are not necessarily those of the Australian Research Council.

Keywords

Disaster management, Government, Telephone sets, Conference management, Technology management, Australia, Mobile handsets, Impedance, Management information systems, Privacy, radio direction-finding, cellular radio, emergency services, qualitative analysis, location-based services, emergency management, multistakeholder perspective, cellular mobile phone value chain, cellular mobile phone, location-based services, emergency management, public warning, all-hazards approach

Citation: Anas Aloudat, Katina Michael, Roba Abbas, 2009, "Location-Based Services for Emergency Management: A Multi-stakeholder Perspective", Eighth International Conference on Mobile Business, ICMB 2009, 27-28 June 2009, Dalian, China, 10.1109/ICMB.2009.32

The Auto-ID Trajectory - Abstract

Traditionally the approach used to analyse technological innovation focused on the application of the techno-economic paradigm with the production function as its foundation. This thesis explores the rise of the evolutionary paradigm as a more suitable conceptual approach to investigating complex innovations like automatic identification (auto-ID) devices. Collecting and analysing data for five auto-ID case studies, (bar codes, magnetic-stripe cards, smart cards, biometrics and RF/ID transponders), it became evident that a process of migration, integration and convergence is happening within the auto-ID technology system (TS). The evolution of auto-ID is characterised by a new cluster of innovations, primarily emerging through the recombination of existing knowledge. Using the systems of innovation (SI) framework this study explores the dynamics of auto-ID innovation, including organisational, institutional, economic, regulatory, social and technical dimensions. The results indicate that for a given auto-ID innovation to be successful there must be interaction between the various stakeholders within each dimension. The findings also suggest, that the popular idea that several technologies are superseded by one dominant technology in a given selection environment, does not hold true in the auto-ID industry. 

Read More

The Auto-ID Trajectory - Chapter Four Historical Background: From Manual to Auto-ID

Before the introduction of computer technology the various means of external identification were greatly limited. The most commonly used method was relying on one’s memory to identify the distinguishing features and characteristics of other humans, such as their outward appearance or the sound of their voice. However, relying solely on one’s memory had many pitfalls and thus other methods of identification were introduced. These included marks, stamps, brands, cuts or imprints engraved directly onto the skin, which were to be later collectively referred to as tattooing. Historical records date the first tattoo about 2000BC to Ancient Egypt, though there is evidence to suggest that tattooing was introduced by the Egyptians as early as 4000BC (Cohen, T. 1994, p. 25).

Read More