A recent national survey of smartphone users, not surprisingly, revealed that privacy, transparency, choice, and control are important considerations for users.  Indeed, many users indicated that they want more choices and easier access to controls regarding advertising tracking and geolocation data.  Legislators and consumer advocacy groups are taking heed.

map-location-370x229.jpgOn May 10, 2011, the Senate Committee on the Judiciary, Subcommittee on Privacy, Technology and the Law held a hearing entitled “Protecting Mobile Privacy: Your Smartphones, Tablets, Cell Phones and Your Privacy.”  Witnesses from Google and Apple were “grilled on over their so-called “Locationgate” problems.”

On May 13, 2011, Representatives Markey and Barton introduced the “Do Not Track Kids Act of 2011,” which would amend the Children’s Online Privacy Protection Act of 1998 (COPPA).  Key provisions of the bill would expand COPPA to cover mobile applications and unique device identifiers (e.g. IP addresses), establish new privacy rules for minors under 18, prohibit targeted marketing to minors, and require express consent from parents or teens prior to the collection of geolocation information.

On May 17, 2011, Senator Patrick Leahy introduced a bill (ECPA Amendments Act of 2011) proposing amendments to Title II of the Electronic Communications Privacy Act (ECPA), which is known as the Stored Communications Act (SCA).  Two provisions related to geolocation data would require the government to obtain express owner consent or a warrant prior to accessing “geolocation information” directly from an “electronic communications device” or indirectly from a service provider except in emergencies.   Also on May 17, the FCC announced that it was seeking public comments on location based services.

The European Union’s Article 29 Working Party released an opinion on May 18, 2011, which held that geolocation data is personal information governed by the EU Data Protective Directive.  The opinion also set forth a list of best practices for obtaining user consent to collect geolocation data.

 On May 19, 2011, the Senate Subcommittee on Consumer Protection, Product Safety and Insurance held a hearing on consumer privacy and protection in the mobile marketplace following recent concerns that companies are secretly collecting geolocation data.  During the hearing, witnesses from Facebook, Apple, and Google  were again grilled regarding privacy policies and practices for mobile apps.  Senator Kerry pressed the witnesses from Facebook, Apple, and Google to support his Commercial Privacy Bill of Rights Act and Senator Rockefeller did the same for his Do Not Track bill.  David Vladeck also testified that the FTC is “looking for good enforcement targets” as it investigates mobile privacy, including violations of COPPA.  The FTC is  also seeking public comments on its enforcement of COPPA.

Following the Senate hearing, the Center for Democracy & Technology and the Future of Privacy Forum released a statement in response to the Senate hearing, announcing that they are working with mobile app stakeholders to develop best practices and privacy principles for mobile devices.  The statement identified six fundamental user privacy issues that it would address: (1) having a privacy policy for every mobile app; (2) providing users with meaningful choice regarding collection, disclosure, and use; (3) minimizing data that is collected; (4) having appropriate data security; (5) educating users about data that is collected; and (6) incorporating privacy by design.