TORONTO—Ontario privacy commissioner Ann Cavoukian announced the release of a white paper on privacy of geo-location services in a keynote at the SC Congress Data Security Conference and Expo at the Metro Toronto Convention Centre on Tuesday.

The paper, Wi-Fi Positioning Systems: Beware of Unintended Consequences, was prepared in consultation with former Microsoft Corp. chief architect of identity Kim Cameron.

“There are very good uses for geo-location data,” Cavoukian said. But the persistence of a mobile device’s media access controller (MAC) address ties location information to the user. Unintended uses of the data must be part of any privacy risk analysis, Cavoukian said.

Recently, a media storm erupted over the storage of location data on Apple Inc.’s iPhone. The phones keep a history of a user’s location data. While CEO Steve Jobs did a good job of allaying user fears by insisting that Apple does not and will not collect user data, Cavoukian said, it was a reactive response.

In the days following the news, Cavoukian said, colleagues on social network LinkedIn issued a bounty on Apple’s privacy officer, since no one could find out who Apple’s privacy point person was.

“There was actually a reward for anyone who could find Apple’s privacy officer,” she said.

Four principles should be applied when collecting geo-location data, she said: Transparency, giving users clear notification at the outset that the data is being collected; requiring the user’s consent for data being collected by making the data collection opt-in, rather than opt out, by default; anonymized data; and minimizing the data collected.

“That will enable you to avoid the enormous duty of care” that goes with collecting user data, she said.

Cavoukian’s keynote, which opened the conference, hammered home her now-familiar Privacy by Design (PbD) principle, attacking what she calls the “zero-sum” thinking that pits privacy against security.

“You have to deliver privacy as a core functionality,” she said. Privacy must be part of the standards creation process, not applied afterward. At that point, she said, “you’ve already lost the battle.”

Rather than focus on what embedding privacy costs an organization, focus on what it saves a corporation. There’s not only the fallout from a breach—in penalties, brand damage and lawsuits—but also the fact that, according to Doug Westlund, CEO of N-Dimension Solutions Inc., a Richmond Hill, Ont., smart grid security solutions vendor, it costs three to five times more to build privacy into an existing after a breach than it does to build it into the system up front.

PbD was adopted as a standard at an international conference of privacy commissioners in October 2010, and its seven principles have been translated into 21 languages.

But, Cavoukian acknowledges, PbD’s principles are more easily applied to new systems than existing ones.

“Privacy by Design is ideal for an emerging system,” she said. But organizations with huge legacy systems face a more daunting challenge.

At the next international privacy commissioners’ conference this October in Mexico City, Cavoukian will host a workshop, sponsored by American Express Inc. and Ernst & Young, on translating PbD’s seven core principles for application to legacy systems. Privacy by Redesign, as she’s dubbed it, will aim to refresh legacy systems to prevent data leakage, she said.