Two United States senators have introduced a bill that would require companies to explicitly get permission from mobile users before sharing location data with other third-parties.
The Location Privacy Protection Act would close loopholes in existing law, Sens. Al Franken (D-Minn.) and Richard Blumental (D-Conn.) said as they introduced the bill on June 15. The loophole refers to a clause in the Electronic Communications Privacy Act of 1986 which allows wireless companies and app developers to share location data with just about anyone.
The information collected by geolocation technology can be both beneficial as well as dangerous, Franken. The legislation won’t stop companies from collecting the data, but would make it obvious. Users have the right to know what kind of information is being collected and organizations should make sure to gain consent before sharing the information with anyone else.
“The same information that allows emergency responders to locate us when we’re in trouble is not necessarily information all of us want to share with the rest of the world,” Franken said.
There has been a lot of concern about mobile devices collecting geolocation data, often without the user’s consent and awareness. A group of developers came across an unencrypted file on the iPhone that contained information about cell towers nearest the device, and found they could figure out where the user has been. Franken wrote to Steve Jobs shortly after that information was publicized, expressing his concerns.
Google has also come under scrutiny for collecting similar information on its Android devices. A Wall Street Journal report last December found the 47 of the top 101 iPhone and Android apps were tracking location data.
Franken chaired a hearing by the Judiciary Subcommittee on Privacy, Technology and the Law in May on issues surrounding mobile technology and privacy. In particular, testimony focused on companies collecting geo-location data on mobile devices.
“I concluded that our laws do too little to protect information on our mobile devices,” says Franken. At his hearing, anti-domestic violence groups in Minnesota said this kind of technology can be exploited by abusers.
The Center for Democracy and Technology, the Consumers Union and the National Center for Victims of Crime all expressed support for the bill.
The Franken-Blumenthal bill is similar to another mobile location bill introduced on the same day by Sen. Ron Wyden (D-Ore) and Rep. Jason Chaffetz (R-Utah). The Geolocation Privacy and Surveillance Act also gives guidelines to law enforcement agencies and the government on how they can use consumer data.
The bills don’t address exactly how the app developers and mobile companies will notify users. It may be that every time an app or service wants permission to share your location information with third parties, it will ask the user for approval.
It isn’t clear whether either of these bills will make it through Congress. While the recent revelations about how much information is being collected and transmitted “created a bit of a stir in Congress,” that doesn’t necessarily mean the bills will move quickly or be voted on this year, Jim Halpert, a partner at law firm DLA Piper, told eWEEK. Legislation that can have a significant impact on Internet economy “generally tends to get kicked around” Congress for a few years, according to Halpert.
Congress “will pass these privacy bills in due time, but they are not in a hurry,” Halpert said.