Data Protection for Mobile Mapping

Mobile Mapping providers need to be aware of data protection laws (like GDPR, CCPA), public perception and social responsibility. Here are the facts.


28 May 2020, by Mario Sabatino Riontino


Figure 1: Example of blurred images from Mobile Mapping Street-Level Panorama, © STRABAG AG

Mobile mapping is the process of collecting geospatial data from a mobile vehicle or a drone typically fitted with a range of photographic, radar, laser, LiDAR or any other remote sensing systems. The primary output from such systems includes GIS data, 3D models, digital maps, street-level and aerial imagery.

The last two often capture images and videos of pedestrians and vehicles, hence containing faces, bodies and license plates.

Mobile Mapping and Personal Data

Art. 4 of the GDPR defines “personal data” as:

... any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Considering that face and body are the most fundamental and highly visible elements of our identity, they fall under the definition of personal data. Similarly, license plate numbers can be used to trace the identity of the subject. Thus, specific measures are necessary to comply with legal requirements.

Most privacy laws around the world are consent-based, i.e. they require explicit consent from the data subject. It seems obvious to just get the consent to begin with. But for a large imagery dataset, it could be time-consuming and costly to get explicit consent from hundreds of thousands, or even millions, of individuals.

However, according to Recital 26, “this Regulation (GDPR) does not, therefore, concern the processing of such anonymous data”, defining anonymized data as “data rendered anonymous in such a way that the data subject is not or no longer identifiable.”

If data is anonymized, no consent is required.

Anonymization for Mobile Mapping

Anonymization is a better solution because it preserves privacy while drastically reducing operational costs. Current state-of-the-art methods of image and video anonymization include:

  • Masking (2nd face from left)
  • Pixelation (3rd face from left)
  • Blurring (4th face from left)
  • Replacement (last face from left)

Figure 2: Anonymization methods applied to a picture of Rowan Atkinson, https://arxiv.org/pdf/1909.04538.pdf

Among them, blurring emerged as the de-facto standard anonymization method. In fact, companies like Google, Microsoft and Apple are using it to protect individuals’ privacy.

Celantur offers a GDPR-compliant solution to automatically blur large amounts of images and videos using deep learning-based anonymization and scalable cloud architecture. Thereby we anonymise personal data like faces, bodies, license plates and vehicles.

Figure 3: Blurred pedestrians on Mobile Mapping street-level imagery, © Open Innovation Center GmbH

Our product is developed specifically for Mobile Mapping and works well with imagery from various systems:

  • Trimble MX9
  • Trimble MX 7
  • Leica Pegasus:Two
  • GeoSLAM ZEB Discovery
  • NavVis VLX
  • and many more

All in all, it offers the highest quality and scalability, and is open for integration with third-party systems.

Data Protection: Costs and Implications

According to Deloitte, almost 78% of European citizens are aware of their privacy rights.

Moreover, as claimed by Datagrail, companies should prepare to process approximately one request for every 5.000 - 10.000 individuals each year. Manually processing a high volume of privacy requests is likely to cost anywhere from €1289,30 per request.

Manually processing a single request for deletion can cost around €1289,30.

Another risk is fines. Last year, the Swedish data protection authority (DPA) fined the Skellefteå High School Board SEK 200,000 (approx. €18,600) for using facial recognition technology to verify 22 pupils' attendance in lessons for three weeks.

In particular, the DPA highlighted that the school had violated several articles of the General Data Protection Regulation, including:

  • Article 5 for personal data processing which is excessive to requirements
  • Article 9 for processing biometric data without a valid reason
  • Article 35 for failure to complete a Data Protection Impact Assessment ('DPIA')
  • Article 36 for failure to consult with the DPA prior to the processing of personal data

Why is a small fine handed out to a remote town important? Because it demonstrates that, in order to successfully implement a mapping solution, you must focus on meaningful consent or anonymization to ensure secure and compliant adoption.

Social Responsibility & Public Perception

Mobile mapping equipment mounted on cars and drones is not always seen positively by the public. In fact, according to the European Aviation Safety Agency (EASA), 40% of surveyed people view drones negatively. Safety, privacy and environment are the main concerns for societal acceptance.

In some countries, pedestrians may feel observed and monitored when seeing a Mobile Mapping vehicle in public.

Privacy is a main concern for societal acceptance

When Google announced in August 2010 that it would map the streets of Germany's 20 biggest cities by the end of that year, the outrage was huge. Some of Google's camera cars were vandalised. A 70-year-old Austrian who didn't want his picture taken threatened the driver of one with a garden pick.

Overall, this may cause the company severe PR damage. For this reason, privacy is not only a matter of legislation, but also an ethical duty to society.

A good practice to prevent this is the so-called "privacy by design": companies and organisations implement technical and organisational measures (e.g. anonymization) at the earliest stages of the product/operation design, in a way that safeguards privacy and data protection principles right from the start.

Summary

  • Mobile Mapping Systems often capture images and videos containing faces, bodies and license plates. According to data protection laws, these objects are personal data.
  • Most data protection regulations are consent-based. However, anonymization is a more feasible and cost-effective way than consent to comply with these laws.
  • Blurring is the de-facto standard anonymization method. Companies like Google, Microsoft and Apple are using it to protect individuals’ privacy.
  • Data deletion requests, fines and PR damages might be costly for your company.

About Celantur

Celantur offers automated anonymization for images & videos to comply with privacy laws. Specialized in Mobile Mapping, it also works with automotive and parking space companies. Our technology automatically detects the objects to be anonymized and blurs them:

✓ We anonymize all kinds of RGB-imagery: planar, panorama and video

✓ Our cloud platform is capable of anonymizing around 200.000 panoramas per day and 90.000 video frames per hour.

✓ Industry-grade anonymization quality: detection rate up to 99%
