INDUSTRY FACES LONG HOT
SUMMER ON CAPITOL HILL OVER PRIVACY
Revelations that Apple’s iPhone and Google’s Android were geo-tracking its users without their full knowledge and explicit consent, have caused a stir on Capitol Hill at a time when privacy was already becoming a priority in light of growing concerns over behavioral targeting and industry privacy practices.
For example, Google recently entered into a landmark consent decree with the FTC over its introduction of Google Buzz and other items. The consent decree bars Google from misrepresenting the privacy or confidentiality of individuals’ information or misrepresenting compliance with the U.S.-E.U Safe Harbor or other privacy, security, or compliance programs. The settlement requires the company to obtain users’ consent before sharing their information with third parties if Google changes its products or services in a way that results in information sharing that is contrary to any privacy promises made when the user’s information was collected. The settlement further requires Google to establish and maintain a “comprehensive privacy program” and to have independent audits of its privacy and data protection practices every two years. The FTC noted that “this is the first time an FTC settlement order has required a company to implement a comprehensive privacy program to protect the privacy of consumers’ information.”
The iPhone news came after Senators John Kerry and John McCain offered the fourth major privacy bill of the year. In addition to Rep. Jackie Speier’s “do not track” proposal which would require browsers to offer a do not track option, the three remaining bills can be summarized as follows.
|
HR 611 BEST PRACTICES Act Rep. Bobby Rush (D-IL) |
HR 1528 Consumer Privacy Protection Act of 2011 Rep. Cliff Stearns (R-FL) |
S. 799 Commercial Privacy Bill of Rights Sens. John Kerry (D-MA) and John McCain (R-AZ) |
|
|---|---|---|---|
| DISCLOSURE OF TRACKING |
X |
X (FOR PII ONLY) |
X |
| TRACKING OPT-OUT |
X
|
X |
X |
| TRACKING OPT-IN |
X (for sharing only) |
X (for sensitive information only) |
|
| SAFE HARBOR FORSELF REGULATORY PROGRAM |
X |
X |
X |
| PRIVATE RIGHT OF ACTION |
X |
||
| SUMMARY |
The latest news certainly increases pressure on Congress to act. Senator Al Franken (D-MN) has called for Apple and Google to appear before the Senate Judiciary Committee on May 10th which likely will be the first of several hearings in both chambers.
The move also coincides with the White House release of its National Strategies for Trusted Identities in Cyberspace, since a ” secure cyberspace is critical to our prosperity.” The administration report notes that currently users “are asked to maintain dozens of different usernames and passwords, one for each website with which they interact The complexity of this approach is a burden to individuals, and it encourages behavior—like the reuse of passwords—that makes online fraud and identity theft easier” The administration hopes to create a public/private collaboration to crate more secure online identifiers.
More info: How Apple tracks your location without consent, and why it matters, Ars Technica; Franken asks Apple, Google to testify at May 10 privacy hearing, Hillicon Valley; House Republicans question Google, Apple on consumer privacy, Hillicon Valley; National Strategies for Trusted Identities in Cyberspace
Cyber Report 