One of the most useful features of mobile applications (or “mobile apps”), from both a consumer and mobile app operator standpoint, is the fact that mobile apps are, as the name implies, mobile. That is, the mobile apps travel with the user via that user’s mobile device and this mobility creates a unique opportunity to offer and receive location-based services. Location-based services are enabled by geolocation tracking software that interacts with the mobile apps (and the underlying mobile devices) in order to pinpoint the approximate geographic location of the mobile device.

Location-based services offer a wide range of conveniences, from recommendations for nearby restaurants to the best routes to and from desired destinations, but they do raise significant privacy concerns. Not every consumer is comfortable with mobile app operators having the ability to track the whereabouts of her/his mobile device and, by extension, the consumer her/himself. Thus, mobile app operators that wish to offer location-based services that are enabled by geolocation software must be sure to follow applicable regulatory and industry guidelines regarding obtaining and maintaining consumer consent, making the proper disclosures regarding geolocation information collection and use practices and ensuring that proper security protocols are in place.

What Rules Must a Mobile App Operator Comply with When Using Geolocation Tracking Software?

Ensuring that Your Geolocation Tracking and Location-Based Services Are Compliant

In order to utilize geolocation tracking in connection with a mobile app, the mobile app operator must first obtain the consent of the mobile app end-user. This consent should be obtained prior to any geolocation tracking and should come via an affirmative action on the part of the end-user such as checking an unchecked box that appears next to the consent language, not merely agreeing to the Terms of Use/EULA and/or Privacy Policy associated with the mobile app. Likewise, the applicable mobile app’s Privacy Policy should detail the means for consumers to revoke any previously granted consent.

Further, the mobile app’s Privacy Policy should contain disclosures regarding the types of geolocation information collected, how that information is used and with what third parties (if any) that information is shared. This information should only be retained by the mobile app operator for as long as necessary to deliver the applicable location-based service associated with the mobile app.

In addition, mobile app operators that collect geolocation information about end-users must employ reasonable security protocols sufficient to protect such end-user information from unauthorized access, alteration, destruction, use or disclosure.

Don’t Have a One Track Mind

The specific means for obtaining consumer consent, as well as the specific Privacy Policy disclosures and security policies, should vary depending on the functionality and features of each mobile app, the type of location-based services featured by and through each mobile app and the underlying geolocation tracking activity associated with same. Given the sensitive nature of the privacy concerns associated with tracking end-users’ locations, it is highly recommended that you retain qualified legal counsel to ensure that your policies and practices associated with any location-based services that you offer, and geolocation tracking that you engage in, are compliant in all respects.

If you are interested in learning more about this topic or require assistance in ensuring that your geolocation tracking processes are compliant, please e-mail us at info@kleinmoynihan.com, or call us at (212) 246-0900.

The material contained herein is provided for informational purposes only and is not legal advice, nor is it a substitute for obtaining legal advice from an attorney.  Each situation is unique, and you should not act or rely on any information contained herein without seeking the advice of an experienced attorney.