Last month I wrote about Senator Franken’s work to protect consumers’ geolocation information. On June 15, just over a month after chairing hearings that questioned Apple and Google on their data collection practices, Senator Franken introduced a co-sponsored bill that seeks to protect smartphone location privacy.
The Location Privacy Protection Act of 2011 (S.1223) supplements current federal law and requires companies that obtain a customer’s mobile device location to get that customer’s prior express consent and get that customer’s permission before sharing location data with third parties. Furthermore, the bill requires a company who obtains the location information for more than 5,000 mobile devices to take reasonable steps to protect that information. The bill also contains provisions that require disclosure of information collected on customer request and deletion of the information in some circumstances.
Senator Franken’s office referenced, in support of the bill, a Wall Street Journal article from December 2010 that revealed that more than 45% of top 101 Apple and Android apps disclosed user location to third parties without consent. The bill was co-sponsored by Senator Blumenthal and also is supported by the Minnesota Public Interest Research Group among others.
The bill is instructive for every developer architecting or updating a mobile app. Key takeaways include that:
1) every app must prominently disclose the collection of location information
2) an app should only share location information when necessary, and if the app shares location information it must be disclosed
3) any repository of app location information must be protected
It’s a long road from bill to a law and the Location Privacy Protection Act may not be a legislative priority. Regardless, Senator Franken is right “geolocation technology gives us incredible benefits, but … is not necessarily information all of us want to share” — at least not unknowingly.