Work Package 2: Privacy model
Work Package 2 aims at building a set of common rules proposed to all European countries as an appropriate compromise between information needed for an appropriate services management and customers privacy protection, involving transport operators against undue dissemination of personal data.
As new payment facilities bring new services to customers, transport operators break a traditional protection of privacy which prevailed in the past with ‘mass transit’. When a customer subscribes for tariffs, loyalties or special means of payment, he willingly delivers appropriate private data that are necessary to open his rights to these facilities and to allow their operation.
The validation process also allows recording of his trips, necessary for fraud protection programs, and sometimes for the payment itself. Anonymously, these data are useful to monitor capacities and schedules, tariffs, etc… Once they exist, Transport operators and authorities also wish to use them for individual marketing purposes.
Each stage of progress towards seamless travel brings the customer new risks that his privacy is attacked: Data can be captured from the fare device by different front-end equipments. They can also be exchanged between back-offices.
Recently, new functional facilities allowed by multi-application fare devices generate a new risk for privacy: the personal data a customer accepted to communicate to one of his service providers -e.g. his bank or his domestic IFM manager- could be captured from the fare device by another one -e.g. a foreign IFM manager- .
Task 1: Functional survey of existing set of rules applicable to transport IFM applications by national institutions and regulations in different contractors European countries
This task will investigate and compare on which bases these sets of rules are built and how they are perceived and dealt with:
Result of task 1 will be survey analysis.
How to make sure that each operator has only access to the private data that concerns him ?
How to make sure that no third company or service provider can access protected personal data ?
Task 2: Consensus Paper
A common understanding of these different issues as a base for a common set of rules will be sought. This step requires participation from representatives of countries involved in cooperative writing of a focus paper.
UITP will be involved in that step to organise participation of other European countries besides contractors countries.
Task 3. Specifications for privacy protection in fare devices and in back-offices
A proposal for common functional specifications for privacy protection in fare device and in back-office will be written and presented to Article 29 Working Party for comments and approval as well as to ISO JTC1/SC27 as its WG5 has produced a document : “standards and guidelines addressing security aspects of identity management, biometrics and the protection of personal data”.
Article 29 Working Party Working Paper E-Ticketing in Public Transport
D2.1 " Survey an analysis of privacy protection organisation in European countries"
D2.2 "Focus Paper on privacy in transport IFM applications" (please download, fill in the contribution form pages 28-33 and send it back to the mentioned emails)
D2.3 "European handbook on rules and regulations for privacy protection in fare devices and back-offices"