‘Informed’ consent in popular location based services and digital sovereignty

Abstract

ABSTRACT In many countries, informed consent is required before a service provider can collect personal data from a user. For location-based services (LBS), this applies in particular to personal location information, which can enable deep inferences about a person. In this paper, we present a systematic analysis of how informed consent for the collection of personal location information is obtained in 40 popular LBS on each of the two largest app stores. Two independent raters assessed the content, structure and design of the dialogues shown by apps to obtain consent from users. Based on their assessment, we identified common approaches used across and within different app categories and platforms, including the frequent use of ‘dark patterns’. We highlight key issues arising from these common designs, discuss specific gaps in the procedure of obtaining informed consent and propose improvements to that procedure. In addition, we consider current practice in the context of enabling digital sovereignty with respect to personal location information. Our findings can shape the design and evaluation of informed consent procedures for future LBS in research and practice.