Responsible Use of Location Tracking Technologies

 In an effort to dial back its current work-from-home culture, PricewaterhouseCoopers will start tracking where some of its employees work. It will start requiring its UK employees to spend a minimum of 3 days per week in the office and will use location data to manage their in-person attendance. While there is nothing per se illegal about tracking employees in this manner, but I question whether it's a good HR practice. Indeed, there's quite the creep factor. How much will your employees mind Big Brother tracking all of their movements, and how will it impact morale? And there still are some legal risks. Privacy: Provided employees consent to being tracked as a condition of their employment, there should not be any privacy concerns. Indeed, in Quon v. Arch Wireless, the Supreme Court suggested that employees may lack any reasonable expectation of privacy in employer-provided technological equipment at all. Yet, the law is not quite settled on these privacy implications. Moreover, state privacy laws may vary. Additionally, the more data you record, the more risk you take that such information will be compromised or targeted by hackers. Medical Information: Tracking employee movements could reveal a host of medical information. Who visits the bathroom more could be pregnant or suffering from a bladder infection? Who smokes? Who visits the vending machine and eats unhealthy snacks? This information could be used, for example, by employers to discriminate, or by insurers to charge higher premiums. So, what are some suggestions if you wish to track employees' locations? 1. Document your reason(s) for tracking to support your legitimate business interest. 2. Disseminate (and explain) an Employee Tracking Policy, which should describe the need for the program, the nature of the tracking device, the data you will be tracking, how you will use (and, more importantly, not use) the data, and how you plan to keep it secure. 3. Obtain employee consent before tracking. 4. Limit the data to those that need to know, to minimize the sphere of individuals who could learn or infer medical information. Or consider anonymizing the data so individuals aren't implicated. 5. Don't sell or otherwise disclose the information to insurers or other third parties. 6. Ensure that your data security is updated. 7. Finally, call your employment lawyer. Cutting edge practices are always risky and should be vetted by counsel before implementation.

Why You Should Update Your Location Settings Now The NSA has issued a warning about the risks of location tracking on mobile devices, urging users to take immediate action to protect their privacy and finances. This advisory highlights the increasing misuse of location data by companies and hackers, with serious implications for personal security and financial well-being. Key Concerns • Targeted Pricing: The FTC has found that companies use location and browsing data to implement “surveillance pricing,” charging different prices for goods and services based on a consumer’s behavior and location. • Recent Data Breach: Hackers released sensitive location data from Gravy Analytics, exposing information about millions of Americans. This incident underscores the risks of inadequate data protection. • Government Advisory: The NSA warns that location data is highly valuable and can compromise personal security. While originally intended for national security concerns, the advice applies broadly to prevent exploitation by corporations and cybercriminals. Steps to Protect Yourself 1. Check App Permissions: Review which apps have access to your location and disable permissions for those that don’t need it. 2. Adjust Privacy Settings: Set location sharing to “While Using the App” or disable it entirely for non-essential apps. 3. Enable Location Spoofing (if necessary): For apps that require location data but don’t need precision, consider enabling fake or generalized locations to protect your privacy. 4. Use a VPN: A Virtual Private Network can mask your browsing behavior and location, reducing the risk of tracking. 5. Update Your Devices: Regularly update your phone’s software to benefit from the latest privacy enhancements and security patches. Why This Matters Unchecked location sharing can expose you to price manipulation, data breaches, and personal tracking risks. Taking a few minutes to update your privacy settings can save you money, protect sensitive data, and ensure your peace of mind. Don’t ignore these warnings—secure your device today.

"Privacy is Safety" - Debbie Reynolds “The Data Diva” "The Data Privacy Advantage" Newsletter is here! 🌐📬 This month's focus is on the "Privacy’s "Safety by Design" Framework: A Path to Safer, Privacy-First Products" 💡 What is the “Safety by Design” Privacy Framework? The framework is a proactive approach integrating privacy into every step of the product lifecycle, ensuring protection against modern privacy threats like cyber harassment, location misuse, and unauthorized tracking. This approach supports compliance and builds user trust by demonstrating a commitment to safety and security. 📌 The "Safety by Design” Privacy Framework Overview: 1. 🔍 Data Collection & User Consent 📍 Context-Based Incremental Consent 🔔 Clear Visual Cues for Data Collection 🔄 Limit Sensitive Data Collection in Third-Party Integrations ❌ Prevent Cross-Device Tracking Without Explicit Consent 🗂️ Transparent Consent Flows 2. 🔒 Data Minimization & User Control 🛠️ Privacy-Centric Defaults 👥 Customizable Privacy Controls for Contact Groups 👀 Mask or Hide Personal Information in Public Profiles ⏸️ Temporary Account Deactivation or Anonymization ⏱️ Time-Limited, Expiring Access Links for Sensitive Data 3. 📍 Location Privacy & Data Masking 🔒 Opt-In for Location Tracking ⏲️ Time-Limited Permissions for Location and Data Sharing 📌 Easy Options to Delete, Pause, or Disable Location History: 🚫 Turn Off Real-Time Activity Broadcasting: 🕶️ Invisible Mode or Alias-Based Settings 🔹 Real-World Examples: When Apple and Google noticed AirTags being misused for tracking, they implemented cross-platform notifications to alert users to unauthorized tracking devices—a powerful example of privacy as safety by design. By acting proactively, these companies protected users and reinforced their commitment to safety-first innovation. Why It Matters Privacy is increasingly intertwined with safety. With the "Safety by Design" Framework, companies can go beyond compliance to create stronger, safer relationships with their users. This approach is essential as regulations evolve but cannot keep up with every new tech risk. Adopting this framework helps make privacy a business advantage and shows a company’s genuine commitment to protecting user data and well-being. 📈 Safety by Design is not just about preventing fines—it's about making a meaningful impact on users' lives. Let's prioritize safety together. 🚀 Empower your organization to master the complexities of Privacy and Emerging Technologies! Gain a real business advantage with our tailored solutions. Reach out today to discover how we can help you stay ahead of the curve. 📈✨ Debbie Reynolds Consulting, LLC #privacy #cybersecurity #DataPrivacy #AI #DataDiva #EmergingTech #PrivacybyDesign #DataPrivacy #SafetyFirst #DigitalSafety #CyberHarassment #DataMinimization #UserControl #LocationPrivacy #SafetyByDesign #UserTrust

Businesses that use location data should be following the California Privacy Protection Agency’s Risk Assessment Regulations as the most recent draft regulations had a number of provisions that would impose risk assessment obligations associated with the use of location information. For example, the draft regulations provide that “every business whose processing of consumers’ personal information presents significant risk to consumers’ privacy must conduct a risk assessment prior to processing”. Using Automated Decisionmaking Technology “in furtherance of a decision that results in the provision or denial of financial or lending services, housing, insurance, education enrollment or opportunity, criminal justice, employment or contracting opportunities or compensation, healthcare services or access to essential goods, services or opportunities” is considered a significant risk to consumers’ privacy. Of note to the geospatial community, the definition of Automated Decisionmaking Technology includes “”any form of automated processing of personal informaiton to evaluate certain personal aspects relating to a natural person and in particular to analyze or predict aspects concerning that natural person’s performance at work, economic situation, health personal preferences, interests, reliability, behavior, location or movements.” #geospatialaw