RECLAIMING Data Article Swipe

View

Related Concepts

Internet privacy Computer science Mobile phone Subject (documents) Service provider Service (business) Data Protection Act 1998 Personally identifiable information Identity (music) World Wide Web Data access Computer security Business Database Telecommunications Physics Acoustics Marketing

Chris Norval , Heleen Janssen , Jennifer Cobbe , Jatinder Singh ·

YOU? · · 2018 · Open Access · · DOI: https://doi.org/10.1145/3267305.3274153 · OA: W4289420918

Data protection regulations generally afford individuals certain rights over\ntheir personal data, including the rights to access, rectify, and delete the\ndata held on them. Exercising such rights naturally requires those with data\nmanagement obligations (service providers) to be able to match an individual\nwith their data. However, many mobile apps collect personal data, without\nrequiring user registration or collecting details of a user's identity (email\naddress, names, phone number, and so forth). As a result, a user's ability to\nexercise their rights will be hindered without means for an individual to link\nthemselves with this 'nameless' data. Current approaches often involve those\nseeking to exercise their legal rights having to give the app's provider more\npersonal information, or even to register for a service; both of which seem\ncontrary to the spirit of data protection law. This paper explores these\nconcerns, and indicates simple means for facilitating data subject rights\nthrough both application and mobile platform (OS) design.\n