Senator Franken’s Comment to NTIA Focuses on Location Privacy

 

Page Hubben

On April 2, Senator Al Franken, Chairman of the Senate Judiciary Subcommittee on Privacy, Technology and the Law, wrote a letter to the National Telecommunications and Information Administration, an agency of the U.S. Department of Commerce, to comment on the Multistakeholder Process to Develop Consumer Data Privacy Codes of Conduct. One of Senator Franken’s primary focuses in the letter is location privacy, and he argues that the Location Privacy Protection Act he introduced last year provides an answer to some of the major issues.

 

Senator Franken’s main concern with location privacy is the lack of federal law governing commercial use of this data. He points out that because the Fourth Amendment does not apply to corporations, federal law allows companies to collect location information from customers and give the information to third parties. He notes that the Cable Act and the Communications Act prohibit cable and telephone service companies from disclosing customer location, but the Electronic Communications Privacy Act lets smartphone and app companies share the same information without obtaining consent.

 

The letter aligns the location privacy bill with President Obama’s recently released Consumer Privacy Bill of Rights. The President’s proposal calls for transparency, individual control, and respect for context. Senator Franken asserts that transparency is not satisfied by disclosures in a privacy policy. Accordingly, his bill requires companies to tell consumers what information will be collected and to whom it will be disclosed. To implement individual control, companies must obtain express authorization prior to collecting or disclosing location information. In Senator Franken’s view, the combination of these requirements preserves contextual integrity, because consumers can ensure that their information is used only within a specific context.

 

The letter enumerates recent events that triggered concerns over consumer privacy, such as the Carrier IQ software running secretly in mobile phones to collect location data and keystrokes. Such stories show that consumers appreciate the sensitive nature of location data, but the transition in technology has happened so rapidly that many people are unsure of when information is collected and by whom.

 

The Future of Privacy Forum, a think tank, sees these events diminishing consumer confidence and is working with industry and government agencies to create responsible privacy practices. Part of the issue in their view is that policy makers know there is a problem, but may not have a clear understanding of what is going on.

 

Nevertheless, regulation may be on the horizon. In addition to Senator Franken’s bill, Congressman Ed Markey released a draft of the Mobile Device Privacy Act earlier this year, which would require user permission to operate monitoring software on a mobile device. The Federal Trade Commission also specifically mentioned mobile data as a key area for privacy discussions, encouraging industry groups to regulate themselves.

 

Many feel that self-regulation can address consumer concerns more effectively than the government. The Future of Privacy Forum calls for app developers to create solutions, and NetChoice, an e-commerce trade group, ranked the location bill as one of the worst for companies operating online because they believe it would require a pop-up notice every time an app collects location information. Senator Franken addresses this concern directly in his letter: “[A]s I explained when I spoke on the floor of the Senate to introduce the legislation, my bill will not flood consumers with pop-up consent screens: a one-time consent screen will suffice.”

 

Criticism from business groups may be enough stall this bill, but given the growth of mobile technology and consumer unease when location data is improperly shared, this is an issue likely to stay on everyone’s radar.