Nordic Privacy Regulators Assessing Airport Passenger Wi-Fi Use Tracking

Bloomberg Law: Privacy & Data Security brings you single-source access to the expertise of Bloomberg Law’s privacy and data security editorial team, contributing practitioners,...

By Marcus Hoy

Aug. 13 - A new Helsinki Airport system to monitor passengers' mobile device wireless Internet connections for a crowd control system may raise privacy concerns, data protection officials in Finland and Norway recently told Bloomberg BNA.

Although the Finnish airport authority Finavia said in a July 30 statement that the Wi-Fi monitoring plan wouldn't collect personal data, the data protection officials said privacy regulators will be closely watching the system for violations of relevant data protection laws.

May Be Used for Marketing

Finavia said in its statement that it had already installed dozens of sensors at Helsinki Airport that will enable managers "get an almost pinpoint fix on individual mobile devices without storing any of the owners' personal data."

Beacons and routers will "discreetly monitor signals from smart phones either passively or with an app-based opt-in," the company said.

The system is already being rolled out, Finavia said, and the technology will be fully installed by the end of 2014.

The authority said that the system's primary function is to identify and prevent passenger bottlenecks, but it added that it would also allow retailers in the airport to "maximize their own marketing efforts." Between 60 and 70 percent of people who visit the airport receive Wi-Fi signals through their mobile devices, Finavia said.

Passenger Opt-Out Is Important

Finland's Data Protection Ombudsman Reijo Aarnio told Bloomberg BNA Aug. 12 that his office is examining the airport monitoring system.

Finland's Act on Radio Frequencies and Telecommunications Equipment (1015/2001) forbids third parties from intercepting most radio signals, Aarnio said. Whether the system complies with the act would likely be a question for the nation's Communication Regulatory Authority, he said. Aarnio said that his office was interested in whether the system could potentially entail any processing of personal data and whether passengers would need to opt in or opt out of the technology.

In an Aug. 7 statement by the Data Protection Authority in neighboring Norway, Specialist Director of Technology Atle Arnes said it was important that participation in any monitoring must be "clearly voluntary" and "easy to opt in and opt out of."

Finavia Communications Manager Annika Kala told Bloomberg BNA Aug. 11 that passengers would be able to opt out of the system.

Similar Technology at Oslo Airport

Arnes told Bloomberg BNA Aug. 12 that Oslo Airport had already adopted similar technology to inform passengers of the length of lines at security checkpoints.

"They started out by using Bluetooth, but as more and more people switched that feature off, they started to use Wi-Fi signals instead," he said.

"The Norwegian Public Roads Administration has used a similar solution for queue measurement at the roads into the major cities," Arnes added. "They do not use mobiles, but the car owners' toll tags."

"We have had conversations with the other data protection authorities in the Nordic countries about such solutions," he said. "We have no immediate plan to create further guidelines in this area, beyond what requirements Norwegian legislation sets for the processing of personal data. We will however provide regular advice and guidance."

 To contact the reporter on this story: Marcus Hoy in Copenhagen at

To contact the editor responsible for this story: Donald G. Aplin at


Request Bloomberg Law Privacy and Data Security