My comments are inline. I have tried to use your terminology instead of the
actual UMTS terms.
> Mobile Network Operator (MNO) is defined as the owner and operator of
mobile
> network. It has the technical capability to locate its mobile
> users/subscribers. MNO could also provide some LBS Applications/Services.
> MNO will be the party to ensure that the location information of a User is
> not abused so as to protect user privacy as well as to protect itself from
> legal issue since it physically controls and provides the user location
> information.
Yes I agree. MNO will have control over the location information. MNO may
use this information for performance enhancements (e.g. location assisted
handoff) as well as providing location based services by itself or through a
third party. Just a little clarification, positioning maybe mobile based,
mobile assisted, network based or network assisted.
> My question is how MNO can ensure the end user location information is
> respected and protected and not abused by ASP.
>
> I give an example as follows.
>
> The user wants to find his own location.
>
> The user enters a new city and is not sure about the
> surrounding environment. He thinks he will be feeling safe/comfortable if
he
> knows his location. Thus, he checks with his MNO, requesting his own
> location to be delivered to him.
> This sounds simple and straightforward. But there is the
> tricky part here. If the service is provided by MNO, MNO will ensure that
it
> will carry out the positioning only upon request. But if an ASP other than
> MNO provides the service, how does MNO ensure user privacy?
Case 1: Mobile Station (MS) requests own location
The MNO always maintains a subscription profile for each MS. If the
subscription profile of the MS allows Basic Self Location, then the MNO will
send basic location information back to the MS. No ASPs will be involved.
Case 2: MS requests location assistance data
Location assistance data may be used by the MS to compute its own location
in an extended period using mobile based positioning methods. Location
assistance data will be provided by the MNO to the MS only if it subscribes
to the Autonomous Self Location profile. No ASPs will be involved.
Case 3: MS requests transfer of location information to some ASP
If the MS wants its location information to be delivered to some other ASP
(for example, in order to find out the nearest Italian restaurant) then it
must have a subscription to the Transfer to Third Party profile. In this
case the user will be aware that his location information is being sent to a
third party.
The new 3G phones in development are equipped with GPS receivers and
download/store city maps and locality information etc themselves. In most
cases, these phones won't even tell the MNO what they are doing.
> Say the ASP may
> tell MNO to locate John. But actually John did not request for this. The
ASP
> just did this out of curiosity or some other reasons.
The ASP can only request location information for John if John himself has
subscribed to push-type location services from that particular ASP. John's
subscription profile will define who can query his location, at what times,
how many times and whether his prior authorization is required or not.
> Another privacy issue
> is that every time John requests his own location, the ASP may keep a
record
> for some reasons, say, just for fun or selling it to third party. The user
> and MNO may not know all these. One day when the user gets to know his, he
> is likely to sue both ASP and MNO, as MNO is the one who provided user
> location information to ASP.
No one can stop MNO or ASP from storing location information. However,
something may be done about selling it to third parties. When you divulge
your information on the internet, most companies agree to not selling your
information to third parties.
> My point is that it is not advisable for MNO to control all the
> Location-related user profile in different applications. As this is not
> efficient and incurs a lot of cost when there are a lot of LBS
applications.
Well in UMTS, its the job of the MNO to keep the subscription profile of its
users.
----------------------------------------------------------------------------
--------------------------
Shahid Shoaib +1-408-451-4740 Direct
DoCoMo USA Labs Inc. +1-408-573-1090 Fax
shahid@dcl.docomo-usa.com http://www.docomo-usa.com
Received on Thu Jul 19 16:12:00 2001
This archive was generated by hypermail 2.1.8 : Thu Jan 22 2004 - 12:32:22 EST