James Denvil, an associate in our Washington office, contributed to this entry.
Mobile Privacy in the Senate
On December 4, Senator Al Franken (D-MN), chairman of the Senate Subcommittee on Privacy, Technology, and the Law released a revised version of the Location Privacy Protection Act that would require companies to obtain express consent from users before collecting, recording, obtaining, or sharing geolocation information from mobile devices.
Franken introduced a version of the bill last year, which would have applied to the collection of location information from smartphones, laptops, tablets, in-vehicle navigation devices, and any other devices intended to be carried by or travel with users. Under the 2011 measure, companies collecting location information without consent would have been liable for civil penalties of no less than $2,500.
Sources indicate that the revised version allows companies to get one-time approval from users rather than having to obtain permission every time location information is collected or shared. The revised bill also specifies that it does not apply to law enforcement.
The Senate Judiciary Committee considered but did not vote on the measure on Thursday, December 6. The committee chose to delay voting on the measure until its next business meeting, scheduled for December 13. Senator Charles Grassley (R-IA) explained that the vote was delayed to give the committee time to ensure that the measure’s enforcement mechanisms do not create undue burdens for industry.
Mobile Privacy in the House
On December 5, House Democrat Hank Johnson of Georgia released the first of three provisions for his planned AppRights.us bill that would address mobile app transparency, security, and control. AppRights.us is a web-based project initiated by Johnson to develop mobile privacy legislation. Each provision of the bill will be released for a two-week public comment period, and the congressman will report on the feedback he receives before introducing the bill.
The first provision addresses user control. It requires that developers enable users to delete mobile applications and the personal information stored by mobile applications at any time. Developers would also be prohibited from using or sharing personal information collected via deleted mobile applications within a reasonable time after the applications are deleted.
The provision can be viewed here.
Mobile Privacy in California
The “Fly Delta” app allows users to check in for flights, view and change their reservations, track their baggage, rebook flights, access frequent flyer accounts, and manage other information related to their travels. Harris claims that the app collects personal information from travelers, including location information and account numbers. “California law is clear,” Harris said, “Mobile apps collecting personal information need privacy policies.”
By filing this suit, Harris makes clear that if apps lack those needed privacy policies, she will take action.