Both US and European regulators alike are turning the focus to mobile technology, especially the collection of location-based data and other consumer behavioral information. An American statistic revealed that over 26,000 adults were stalked annually through the use of GPS devices, including those on mobile phones. This number is from 2006, and today there are three times as many smartphones in use.
On May 19, 2011, the US Senate Committee on Commerce, Science and Transportation had a hearing that focused on “Consumer Privacy & Protection in the Mobile Market Place.” Present were representatives from Google, Apple and Facebook, as well as David Vladeck, director of the Bureau of Consumer Protection of the Federal Trade Commission (FTC).
At the subcommittee hearing, Senator John Rockefeller expressed concerns about the amount of information mobile devices are actually able to collect about their owners. He demanded stronger controls over how and when such personal data is shared, saying, “As smartphones become more powerful, more personal information is being concentrated in one place. Consumers want to understand and have control of their personal information. ” Senator Rockefeller is the chairman of the US Senate Committee on Commerce, Science and Transportation.
According to Senator Al Franken, the chairman of the judiciary subcommittee on Privacy, Technology and the Law, “Consumers have a fundamental right to know what data is being collected about them. I also believe they have a right to decide whether or not they want to share that information and with who they want to share it and when.”
Jessica Rich from the FTC expressed worries about mobile device safety, saying, “These concerns stem from the always-on, always-with-you personal nature of mobile devices.” She also pointed out the possible hazards of “invisible collection and sharing of data with multiple parties, the ability to track consumers – including children and teens – to their precise location.”
Responding to the Fears
In response to the increased concerns regarding mobile data collection, Catherine Novelli, Apple’s VP of worldwide government affairs explained that the company currently provides tools allowing customers to control the collection and use of data on its mobile devices, including location data. Novelli said, “Apple does not track users’ locations – Apple has never done so and has no plans to ever do so.” However, the recent flurry of activity over the company’s iPhone and 3G-enabled iPads speak to the contrary.
Alan Davidson, Google’s director of public policy for the Americas responded that Google supports the development of a legal privacy framework that ensures broad-based user trust and that will support continued innovation.
Bret Taylor, the Chief Technology Officer of Facebook, warned that too much regulation may stifle innovation amongst mobile technology and service providers: “Adopting overly restrictive policies will prevent our social features from functioning in the way that individuals expect and demand.”
In its statement to the subcommittee, the FTC suggested extending the application of its Do-Not-Track mechanism. Introduced in December 2010, the Do Not Track feature for internet browsers would allow users to opt out of sharing browsing data completely and protect their privacy. This suggestion was made in order to give end users increased control over the amount and type of personal data stored by companies, preventing the sharing of sensitive data with third parties, or the use of sensitive data against the individual’s wishes.
The FTC recommended that this Do-Not-Track mechanism should apply to mobile and desktop devices: “At least for purposes of web browsing, the issues surrounding implementation of Do Not Track are the same on mobile devices and desk top computers.” Currently, FTC staff is developing ways to implement Do Not Track mechanisms on mobile apps.
This article takes a look at the May 19, 2011 Senate Subcommittee hearing on “Consumer Privacy & Protection in the Mobile Market Place.” As mobile phones and location-based apps are becoming more ubiquitous, this has raised a number of consumer concerns regarding the amount and type of sensitive information that is being collected, stored and shared by developers and third-parties. The subcommittee hearing was an opportunity for those on both sides of the debate to express their opinions. The FTC suggested extending the Do Not Track mechanism for web browsers to include mobile devices as well.
CIPP Exam Preparation
In preparation for the Certified Information Privacy Professional/Information Technology (CIPP/IT) exam, a privacy professional should be comfortable with topics related to this post, including:
- Sensitive Personal Information (SPI) (I.A.b.)
- Data accountability (I.B.c.)
- Consumer privacy concerns (II.A.a.)
- Government and citizen surveillance (II.A.k.)
- Social networking services (VI.C.)
- Location-based services (VI.E.)