DPC probes Bluetooth privacy

8 Oct 2007

While the Information Commissioner in the UK has effectively ended its regulation of Bluetooth technology leading to fears of spamming, the Data Protection Commissioner (DPC) here in Ireland is currently considering incorporating Bluetooth usage into our data protection acts.

The Privacy and Electronic Communications Regulations (PECR) in the UK will now no longer cover Bluetooth technology despite the fact that it is a wireless technology operating on a short-range radio and brings with it all the vulnerability of these connections.

A spokesperson for the office of the Data Protection commissioner said: “We are currently engaging in a debate about this at the moment. The key issue for us is whether and to what extent personal information is involved in the transfer.”

The spokesperson said given that Bluetooth technology is essentially radio, the Data Protection Commissioner wouldn’t necessarily consider that someone had been unduly exposed to direct marketing just because you turned on the radio in the car and hear an ad.

“However, in the same way it is arguable that because you have a Bluetooth system switched on on your mobile and adverts are being sent in a non discriminatory manner to any receiver in the area the question arises: is any personal information being transferred?,” he said.

Beyond personal information is a broader security concern said the spokesperson.

“Is it acceptable that somebody can be exposed to this ongoing marketing indiscriminately in this manner?”

“We’re responsible for protecting people’s personal information. We’re trying to determine the degree to which personal information is involved here.”

By Marie Boran