US Senators Al Franken (D-Minnesota) and Richard Blumenthal (D-Connecticut) introduced a bill, the Location Privacy Protection Act (.pdf; 82KB), that would require platform vendors and app developers to obtain user consent before collecting those users’ location information. It would apply only to non-governmental collection of location information.
US Senators Ron Wyden (D-Oregon) and US Representative Jason Chaffetz (R-Utah) introduced a similar bill, the Geolocation Privacy and Surveillance Act (.pdf; 53KB), that would apply to both government agencies and commercial entities. Law enforcement agencies would be required to show probable cause and obtain a warrant before accessing location information on individuals.
The US Justice Department has consistently maintained that it doesn’t need a warrant to track an individual’s historic movements or current location from transmission towers used by the subject’s mobile phone. Jennifer Valentino-DeVries, writing for the Wall Street Journal, cites an academic paper and a 2010 Newsweek article describing thousands of location requests from law enforcement to wireless carriers each month.
David Kravets, writing for Wired, notes that Wyden’s bill comes on the heels of the Obama administration’s request to the US Supreme Court to allow warrantless installation of GPS tracking devices on suspects’ vehicles. The legislation, as proposed, would apply to real-time tracking and include past location and movement information. This last bit puts it squarely in conflict with a bill introduced by US Senator Patrick Leahy (D-Vermont), the Electronic Communications Privacy Act Amendments of 2011 (.pdf; 66KB), that focuses mainly on requiring probable cause and a warrant to obtain email stored on servers (including in the cloud). Leahy’s bill would require probable cause and a warrant for real-time GPS tracking, but not for past location and movement information.
Scott Thurm and Yukari Iwatani Kane, writing for the Wall Street Journal, reported last year that 47 of 101 surveyed apps transmit location information to third parties without users’ consent (or even knowledge); 56 of the surveyed apps sent the phone’s device identification number. Five of the surveyed apps reported “age, gender, and other personal details.”
Austin Carr, writing for Fast Company, wants you to believe this and related issues are really, really complicated; “... the incredibly massive and complicated online-privacy puzzle….,” writes Carr. “The problem has become so fraught that few pretend to have an answer for all of the issue’s complexities,” he concludes.
The online privacy issue is neither complicated nor massive. It’s fraught all right, but only because writers like Carr fail to unpack the commercial interests that are vested in unnecessarily complicating the issue.
Every time you click the “Yes” or “Agree” button when your iPhone asks if it can use your location, you’re consenting. The problem is, you don’t know to what, precisely, you’re consenting.
The solution is to pass broader, more useful legislation modeled on the European Union’s Data Protection Directive which basically mandates collected information being used solely for the purpose for which it was collected. Information collected for one purpose cannot be used for any other purpose. Start with that as a baseline and build opt-in alternatives from there, so long as the user is always in absolute control of his or her personal information.
If I tell my iPhone that an app can use my location to provide information about nearby restaurants, it should be just that. No coupons, no special offers, no recommendations. All of those should be opt-in alternatives that are utterly transparent and under my sole control.
0 responses. Comments closed for this article.