Feeds

US Senators pen Act to ban location-based stalking

Watching the watchers

Beginner's guide to SSL certificates

Two US senators have filed a new Act called the Location Privacy Protection Act, which would require stricter controls and more transparency for all cellular companies that collect location data.

The Bill, brought by Senator Al Franken and co-sponsored by Senator Richard Blumenthal would make it illegal to divulge location information to any third party, and set penalties for a variety of location offences, including location-based stalking.

A special report commissioned by the Department of Justice in 2009 uncovered that there were 26,000 victims of GPS stalking each year, many of them by cellphone.

Last month Senator Franken held Senate Judiciary hearings on privacy which helped him collect data for this bill and shape its content. Of particular concern were the behavior of Apple and Google, which are said to make location data available to a large number of applications.

Beastly acts

Senator Al Franken

Franken: Right to Privacy

If the bill passes, they will be obliged to tell the user that location data is being held and specifically asked, on each occasion if it is okay to release that data to another company.

Franken says that Apple iPhones and Google Android smartphones automatically send location data from the phone to Apple and Google, even when the users are not using location applications. It has been suggested, and denied by Apple, that in Apple's case users have no way to stop this data collection.

Senator Franken is most concerned that a number of prior US Acts contradict one another, specifically the Cable Act and the Communications Act prohibit companies from freely disclosing customer location. while the Electronic Communications Privacy Act (ECPA) has a clause that allows smartphone companies, app companies, and phone companies to freely share their customer location data without consent.

The ECPA allows location collection when the internet is used on the phone. Franken wants these provisions changed and made explicit.

In April when this issue first broke, Apple put out a letter to satisfy customers that it was not overtly collecting location data and explained that it only collected a map of local hotspots and cell towers so that "if" an Apple customer asked for his or her location, it could then provide it quickly, combining GPS and cell tower triangulation.

We know where you live

But Apple insists that the data held on the iPhone is a small subset of this, and not usable by anyone else and that only an anonymous version of that data ever left the phone, and then it was encrypted. The Senators disagreed and said that they found many Apps which clearly have location data.

Apple continues to insist that it has not offered up this data to applications, which might then offload that data to remote databases, but the senators feel there is enough evidence so show that location privacy is being breached.

The bill calls on the National Institute of Justice to issue a study on the use of location technology in dating violence, stalking and domestic violence and to facilitate the reporting of these crimes to the FBI's Internet Crime Complaint Center.

It also calls on the Attorney General to develop a training curriculum so that law enforcement, courts, and victim advocates can better investigate and prosecute crimes involving the misuse of location data.

The bill will also create criminal penalties for so-called "stalking apps" which knowingly and intentionally disclose geo-location information when there is a potential for domestic violence or stalking to occur.

It also criminalizes knowing and intentional aggregation and sale of the location data of children 10 years old and younger. The bill has the support of a broad coalition of consumer protection and anti-stalking advocacy groups. If such US legislation passes, it is likely to provide a template for wider law-making around the world.

Copyright © 2011, Wireless Watch

Wireless Watch published by Rethink Research, a London-based IT publishing and consulting firm. This weekly newsletter delivers in-depth analysis and market research of mobile and wireless for business. Subscription details are here.

Bootnote

You can see Senator Franken introducing the Location Privacy Protection Act in this YouTube clip.

Internet Security Threat Report 2014

More from The Register

next story
Download alert: Nearly ALL top 100 Android, iOS paid apps hacked
Attack of the Clones? Yeah, but much, much scarier – report
Broadband sellers in the UK are UP TO no good, says Which?
Speedy network claims only apply to 10% of customers
Virgin Media struck dumb by NATIONWIDE packet loss balls-up
Turning it off and on again fixes glitch 12 HOURS LATER
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
Fujitsu CTO: We'll be 3D-printing tech execs in 15 years
Fleshy techie disses network neutrality, helmet-less motorcyclists
Facebook, working on Facebook at Work, works on Facebook. At Work
You don't want your cat or drunk pics at the office
Soz, web devs: Google snatches its Wallet off the table
Killing off web service in 3 months... but app-happy bonkers are fine
prev story

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
10 threats to successful enterprise endpoint backup
10 threats to a successful backup including issues with BYOD, slow backups and ineffective security.
Reg Reader Research: SaaS based Email and Office Productivity Tools
Read this Reg reader report which provides advice and guidance for SMBs towards the use of SaaS based email and Office productivity tools.
The Heartbleed Bug: how to protect your business with Symantec
What happens when the next Heartbleed (or worse) comes along, and what can you do to weather another chapter in an all-too-familiar string of debilitating attacks?