GAO-12-93, September 11, 2012
What GAO Found
Using several methods of varying precision, mobile industry companies collect location data and use or share that data to provide users with location-based services, offer improved services, and increase revenue through targeted advertising. Location-based services provide consumers access to applications such as real-time navigation aids, access to free or reduced-cost mobile applications, and faster response from emergency services, among other potential benefits. However, the collection and sharing of location data also pose privacy risks. Specifically, privacy advocates said that consumers: (1) are generally unaware of how their location data are shared with and used by third parties; (2) could be subject to increased surveillance when location data are shared with law enforcement; and (3) could be at higher risk of identity theft or threats to personal safety when companies retain location data for long periods or share data with third parties that do not adequately protect them.
The Congressional Research Service recently prepared for the Members and Committees of Congress a report titled, “Smart Meter Data: Privacy and Cybersecurity“ (R42338), published on February 3, 2012 by co-authors Bradon J. Murril, Edward C. Liu, and Richard M. Thompson II.
Summary: Fueled by stimulus funding in the American Recovery and Reinvestment Act of 2009 (ARRA), electric utilities have accelerated their deployment of smart meters to millions of homes across the United States with help from the Department of Energy’s Smart Grid Investment Grant program. As the meters multiply, so do issues concerning the privacy and security of the data collected by the new technology. This Advanced Metering Infrastructure (AMI) promises to increase energy efficiency, bolster electric power grid reliability, and facilitate demand response, among other benefits. However, to fulfill these ends, smart meters must record near-real time data on consumer electricity usage and transmit the data to utilities over great distances via communications networks that serve the smart grid. Detailed electricity usage data offers a window into the lives of people inside of a home by revealing what individual appliances they are using, and the transmission of the data potentially subjects this information to interception or theft by unauthorized third parties or hackers.
by Aaron Brauer-Rieke, CDT, February 8, 2012
Against the backdrop of controversy surrounding the use of monitoring software pre-installed on mobile phones, Rep. Edward Markey (D-MA) recently released a draft bill requiring clear disclosure and express consent before monitoring software is used. … Markey’s bill requires several kinds of companies to clearly disclose details about monitoring software and obtain express consent before putting such software to use. The entities obligated to observe these requirements are those that (1) sell mobile phones, (2) provide commercial mobile services, (3) manufacture phones, or (4) operate a “website or other online service from which a consumer downloads monitoring software.” The bill also requires the user to consent to the software’s operation before it can begin collecting and transmitting information. …
For a summary and analysis of this bill by the Center for Technology and Democracy, visit Bill Requires Permission for Mobile Monitoring Software | Center for Democracy & Technology.
- Congressman Proposes Legislation to Outlaw Mobile Device Snooping (techland.time.com)
- Lawmaker Pushes Consumer Notification Bill in Wake of Carrier IQ Concerns (pcworld.com)
- “Mobile Device Privacy Act” would prevent secret smartphone monitoring (arstechnica.com)
- New Mobile-Phone Privacy Law Proposed (wired.com)
By Tanzina Vega, NYT, August 14, 2011
For many Internet users, online privacy policies are long and difficult to read. Transfer those same policies to a mobile device, where users can find themselves clicking through multiple screens often with tiny type, and the policies can become almost useless to the average consumer.Yet those same policies govern how much user data is collected through mobile applications and how that data is shared with advertisers and other third parties. And with growing concern over data collection, including proposed legislation to more closely protect consumers, one company is trying to make privacy policies that are both easy for consumers to read and easy for mobile application developers to create. …
For full text of the article, visit Industry Tinkers to Create Privacy Tools for Mobile Devices – NYTimes.com.
- Industry Tries to Streamline Privacy Policies for Mobile Users (nytimes.com)
- Media Decoder Blog: In a First, F.T.C. Settles With App Developer Over Children’s Privacy (mediadecoder.blogs.nytimes.com)
- App-maker fined over kids’ privacy (politico.com)
- Apps Maker Settles Privacy Case (online.wsj.com)
Privacy and Data Security: Protecting Consumers in the Modern World
Jun 29 2011 at 10:00 AM in the Russell Senate Office Building – 253
WASHINGTON, D.C.—Chairman John D. (Jay) Rockefeller IV today announced a full committee hearing on privacy and data security. The hearing will examine how entities collect, maintain, secure, and use personal information in today’s economy and whether consumers are adequately protected under current law. The Commerce Committee will hear from representatives from relevant government agencies as well as business and consumer advocate stakeholders.
Please note the hearing will also be webcast live via the Senate Commerce Committee website at http://commerce.senate.gov.
Witness Panel 1
- The Honorable Julie Brill, Commissioner, Federal Trade Commission
- The Honorable Cameron F. Kerry, General Counsel, U.S. Department of Commerce
- Mr. Austin Schlick, General Counsel, Federal Communications Commission
Witness Panel 2
- Mr. Scott Taylor, Vice President and Chief Privacy Officer, Hewlett-Packard Company
- Mr. Stuart Pratt, President and CEO, Consumer Data Industry Association
- Ms. Ioana Rusu, Regulatory Counsel, Consumers Union
- Mr. Tim Schaaff, President, Sony Network Entertainment International
- Mr. Thomas M. Lenard Ph.D., President and Senior Fellow, Technology Policy Institute
- CU Poll: Consumers want government to protect Internet privacy (news.consumerreports.org)
- House, Senate Tackle Data Security (techdailydose.nationaljournal.com)
- Focus On Data Breaches Tops House Commerce Privacy Agenda (techdailydose.nationaljournal.com)
- Bits: Who Could Become the Data Sheriff? (bits.blogs.nytimes.com)
Privacy in Europe and the United States: I Know It When I See It | Center for Democracy & Technology
by Omer Tene, Center for Democracy and Technology Website, June 27, 2011
This post is part of “CDT Fellows Focus,” a series that presents the views of notable experts on tech policy issues. This week, CDT Fellow Omer Tene is our guest contributor. Posts featured in “CDT Fellows Focus” don’t necessarily reflect the views of CDT; the goal of the series is to present diverse, well-informed views on significant tech policy issues.
There is a great deal of cross-Atlantic harmony with respect to fundamental legal concepts. A contract is a contract in both the United States and France; it is formed by offer and acceptance, and awards specific performance or damages upon breach. Likewise, a tort is a breach of a civil duty; and a corporation a distinct legal entity. Yet when it comes to privacy, the cross-Atlantic harmony breaks down. While the psychological need for and social value of privacy are universal, legal and societal privacy norms diverge to the extent that we must ask whether we are speaking about the same thing. …
For full text of the article visit Privacy in Europe and the United States: I Know It When I See It | Center for Democracy & Technology.
FCC steps into privacy debate over location-based data, announcing forum
Technology, Los Angeles Times, May 17, 2011
The Federal Communications Commission is stepping into the simmering privacy debate over location data collected through cellphones and mobile devices, announcing a forum next month on the issue that could lead to rules governing the coveted information. … The FCC said Tuesday it had invited Apple, Google and other technology companies, along with wireless providers, consumer groups and academic experts, to participate in a public education forum in Washington on June 28. Among the topics: how location-based services work, their benefits and risks, and information parents should know about location tracking of children who use mobile devices.
Full text of the article via FCC steps into privacy debate over location-based data, announcing forum | Technology | Los Angeles Times.
- FCC, FTC To Look Into Cellphone Tracking (techdailydose.nationaljournal.com)
- FCC, FTC to hold mobile location privacy forum (news.cnet.com)
- Congress, FCC look into Apple tracking (geodatapolicy.wordpress.com)
- Senate has more questions for Apple, Google, Facebook on privacy (arstechnica.com)