Confidentiality of radio communication

In June 2016, legislation was amended to allow tracking of people flows by using the traffic data of mobile phones or other wireless terminal devices. The amendment also allows observation of different kinds of remotely controlled devices and related commercial services. However, identifying or tracking an individual user remains prohibited.

One main goal of the amendment to the Information Society Code is to support creating new type of business in Finland. By monitoring traffic data in shopping centres, airports or railway stations, for instance, the data on customer flows may be used to develop business. Tracking of people flows could also be useful in optimising lift systems, for example.

Observation of remotely controlled devices can help us provide a service to check whether there are unmanned aircraft or other remotely piloted devices within prison areas or other high security areas.

Traffic data processing principles

Under the Experiment Act, traffic data may also be processed and used by a third party which is not the intended recipient of the radio communication in question or a party to the communication. Processing traffic data does not require consent of the party to the communication.

There are two requirements for making use of traffic data:

  1. No individual person can be identified and traffic data shall be anonymised, and
  2. Data shall be processed statistically using automatic data processing.
    Anonymisation means turning traffic data into a form which does not allow identifying individual persons.

The requirement of statistical processing rules out the possibility of processing traffic data in real time. Furthermore, statistical analysis cannot be made if the group of users is so small that it would risk identifying a natural person.
The above-mentioned requirements are based on section 136(5) of the Information Society Code. The amendments are part of the Experiment Act in force from 20 June 2016 to 20 June 2021.

Further information

Chapter 17 of the Information Society Code

Government proposal to Parliament on amending and temporarily amending the Information Society Code as well as amending the Act on Notified Bodies Concerning Certain Product Groups (HE 67/2016 vp. in Finnish)


Key words: Information security , Cyber security , Data protection , Digital experimentation , Open data

Updated 19.01.2017

LinkedIn Print

logo

The Finnish Communications Regulatory Authority (FICORA)

The National Cyber Security Centre Finland (NCSC-FI)

Itämerenkatu 3 A

P.O. Box 313

FI-00180 HELSINKI


Media contacts by telephone +358 295 390 248