Who reads mobile operators’ privacy policies carefully when activating a new SIM card or changing operator? It is quite common to give consent to data processing without delving into or even reading what one agrees to. The data that are constantly collected from our smartphones – from location and navigation information, to more sensitive ones such as biometric data – are collected and used to offer ‘tailor-made’ services, or sold by operators to other companies. Their collection makes it possible to obtain sensitive information about users, such as religious affiliation, sexual orientation or other interests.
In recent years, important legal steps have been taken in the field of data protection by the European Union, especially with the enactment of the GDPR (the General Data Protection Regulation) in 2018. Still, just a few European telephone companies are making an effort to make information on the processing of personal data more readable, even though the legislation stipulates that it must be easily accessible and understandable. As part of the PANELFIT project, OBC Transeuropa and two other EDJNet partners conducted an investigation that seeks to shed light on the real use that European phone companies make of our data, with a focus on the cases of Italy, Spain, France and Germany.