News Feature | March 20, 2015

Proposed CA Bill Would Create GPS Data Privacy Protections For Mobile Device Users

Christine Kern

By Christine Kern, contributing writer

Proposed CA Bill Would Create GPS Data Privacy Protections For Mobile Device Users

California state senator Mark Leno has introduced a bill that would require clear notice regarding how location information will be used and shared when consumers install new apps. The bill, SB 576, would also ensure that app users give expressed consent before their geolocation data could be collected and shared.

“Part of the genius of today’s mobile apps is their ability to pinpoint a person’s precise location, but that information shouldn’t be gathered or shared without the user’s knowledge and permission,” Senator Leno says in a press release. “This legislation ensures that consumers know their data is being collected, and how it is being used, so they can then make informed decisions to protect their privacy.”

Part of the impetus for the legislation was a 2012 Federal Trade Commission (FTC) report, collecting data on mobile apps for children, which found that apps were sharing information, including geolocation data, device identification and phone numbers, with third parties without disclosing that fact to the smartphone or tablet user.

Further, a 2015 report by TRUSTe reveals that 78 percent of American consumers are concerned that smart devices are revealing their location without their knowledge. In addition, a 2013 FTC report on mobile privacy revealed that few consumers know or understand how information is being collected from their mobile devices, and most are surprised to know this data is also being shared with third parties such as advertisers. As a result, the FTC recommended providing consumers with privacy disclosures before allowing apps to access sensitive content like geolocation.

Legislators seem to be getting nervous about the potential consequences of GPS technology. In 2014, Senator Al Franken introduced The Location Privacy Protection Act of 2014, which sought to protect consumers and victims of stalking by limited the collection of location data without the user’s knowledge. The bill died in Congress.

Meanwhile, the Geolocation Privacy and Surveillance Act seeks to establish a legal framework that gives government agencies, commercial entities, and private citizens clear guidelines for when and how geolocation information can be accessed and used. In addition, the GPS Act would prohibit businesses from disclosing geographical tracking data about its customers to others without the customers' permission.

On January 22, 2015, Sen. Ron Wyden (D-OR) and Rep. Jason Chaffetz (R-UT) reintroduced the legislation for the 114th Congress. Their bills (S. 237 and H.R. 491) were referred to the House and Senate judiciary committees and the House intelligence committee.

According to the GPS.Gov website, several U.S. states and non-U.S. jurisdictions have enacted laws establishing personal location privacy rights. However, current U.S. statute at the federal level does not provide clear protection of geolocation information.

Meanwhile, representatives in the industry think that the legislation is a sort of Chicken Little phenomenon. “We don't know of abuses of the data,” John Doherty, a vice president for state policy for TechNet, an organization with members including Google and Apple, told The Sacramento Business Journal.

“The basic concepts of transparency and consumer consent are things that our industry believes in,” Doherty said. However, mandating a new process for every app could create “a frustrating consumer experience by duplicating notices and making it a hassle,” he said.

SB 576 will be heard in policy committees in the California Senate this spring.