Another great Step on the Data Protection Law.Congratulations.
https://orf.at/stories/3158211/
The government currently receives - anonymously - the movement data of its customers from the domestic mobile operator A1. This is intended to enable the crisis team to see whether the measures to restrict social contacts are effective. The procedure also raises fundamental data protection issues. Not only data protectors, the SPÖ also criticized the procedure sharply.
Fewer contacts
First, according to an A1 spokeswoman, this data shows that A1 customers already severely restricted their range of motion at the end of the previous week, an A1 spokeswoman confirmed a corresponding report by the "Kronen Zeitung". This was also confirmed in the Federal Chancellery.
There, too, it was assured that no individual movement profiles had been transmitted. Rather, it was a comparison of the total movements between the previous Saturday and the Saturday before. "It's about the currents and the question of how that changed within a week," emphasized the spokesman.
Legally compliant for Chancellery
This is in compliance with the law and regulated in the General Data Protection Regulation. A1 also offered the data on its own initiative. A1's approach is also GDPR-compliant.
A1 also emphasized that the data could not be used to draw any conclusions about the individual cell phone user. Each cell phone is assigned a number that is automatically generated randomly for tracking. All these numbers are freshly assigned every 24 hours (so anonymized again). It is not even possible to understand where the anonymized users are going over long periods of time.
Live tracking would also be possible
In this way, however, the anonymized users could also be tracked “live”. But that does not happen, it said at A1. The government also has no direct access to the data. There is no interface.
This technology is "offered by a large number of companies throughout Europe and has been tried and tested for years. A1 makes these analyzes available to relevant government agencies in times of crisis for the benefit of the general public, ”said the telecommunications company. In fact, data of this kind is offered by telecom operators to companies for money.
Not justified for SPÖ
Such a procedure is not acceptable for the SPÖ vice club boss Jörg Leichtfried "even in such an unusual situation." He showed understanding that extraordinary situations may require extraordinary measures, "but these measures may only be taken in a form that is in accordance with the rule of law".
NGO wants to examine closely
The civil rights organization epicenter.works now wants to take a closer look at which data was passed on and how it was anonymized. Because the aggregation of individual data does not always offer reliable anonymization, says Managing Director Thomas Lohninger about the APA. One also wants to check whether there is a legal basis for the data transfer.
Expert points to the rule of law
The data protection expert Christof Tschohl from the Research Institute - Digital Human Rights Center emphasized against the "standard" that the procedure is understandable "from a human perspective". And adds: "But: The rule of law otherwise requires precision for good reasons, the Constitutional Court shows that this is strictly observed."
https://orf.at/stories/3158211/
The government currently receives - anonymously - the movement data of its customers from the domestic mobile operator A1. This is intended to enable the crisis team to see whether the measures to restrict social contacts are effective. The procedure also raises fundamental data protection issues. Not only data protectors, the SPÖ also criticized the procedure sharply.
Fewer contacts
First, according to an A1 spokeswoman, this data shows that A1 customers already severely restricted their range of motion at the end of the previous week, an A1 spokeswoman confirmed a corresponding report by the "Kronen Zeitung". This was also confirmed in the Federal Chancellery.
There, too, it was assured that no individual movement profiles had been transmitted. Rather, it was a comparison of the total movements between the previous Saturday and the Saturday before. "It's about the currents and the question of how that changed within a week," emphasized the spokesman.
Legally compliant for Chancellery
This is in compliance with the law and regulated in the General Data Protection Regulation. A1 also offered the data on its own initiative. A1's approach is also GDPR-compliant.
A1 also emphasized that the data could not be used to draw any conclusions about the individual cell phone user. Each cell phone is assigned a number that is automatically generated randomly for tracking. All these numbers are freshly assigned every 24 hours (so anonymized again). It is not even possible to understand where the anonymized users are going over long periods of time.
Live tracking would also be possible
In this way, however, the anonymized users could also be tracked “live”. But that does not happen, it said at A1. The government also has no direct access to the data. There is no interface.
This technology is "offered by a large number of companies throughout Europe and has been tried and tested for years. A1 makes these analyzes available to relevant government agencies in times of crisis for the benefit of the general public, ”said the telecommunications company. In fact, data of this kind is offered by telecom operators to companies for money.
Not justified for SPÖ
Such a procedure is not acceptable for the SPÖ vice club boss Jörg Leichtfried "even in such an unusual situation." He showed understanding that extraordinary situations may require extraordinary measures, "but these measures may only be taken in a form that is in accordance with the rule of law".
NGO wants to examine closely
The civil rights organization epicenter.works now wants to take a closer look at which data was passed on and how it was anonymized. Because the aggregation of individual data does not always offer reliable anonymization, says Managing Director Thomas Lohninger about the APA. One also wants to check whether there is a legal basis for the data transfer.
Expert points to the rule of law
The data protection expert Christof Tschohl from the Research Institute - Digital Human Rights Center emphasized against the "standard" that the procedure is understandable "from a human perspective". And adds: "But: The rule of law otherwise requires precision for good reasons, the Constitutional Court shows that this is strictly observed."