Senate Judiciary Subcommittee Holds Hearing on the Location Privacy Protection Act

On June 4, 2014, the Senate Judiciary Committee’s Subcommittee on Privacy, Technology and the Law held a hearing to consider S. 2171, the Location Privacy Protection Act as introduced by the Subcommittee Chairman, Senator Al Franken (D-MN).

S. 2171 would prohibit the development, sale, and use of “stalking apps,” which Senator Franken described as mobile applications that secretly track individuals and are often used to commit acts of domestic violence. The bill would also place new restrictions on the commercial collection of location data from mobile devices.

Senator Franken and Senator Jeff Flake (R-AZ) were the primary senators at the hearing.  Both senators voiced support for the anti- stalking provisions of the bill. However, Senator Flake stated that he had concerns about the commercial restrictions in the bill harming innovation.

The first witness panel consisted of representatives from the federal government, including the Federal Trade Commission (FTC) and the Department of Justice. The panel also expressed support for the anti-stalking provisions of the bill. The FTC representative requested that the commercial provisions of the bill include enforcement authority for the Commission. The panel also criticized current disclosures regarding location data collection by commercial entities.

The second panel consisted of industry representatives, including the Digital Advertising Alliance (DAA), as well as consumer advocates. This panel discussed current industry efforts to self- regulate data collection and sharing, as well as how these activities may impact the economy.

Senate Permanent Subcommittee on Investigations’ Hearing and Report on Potential Security threats in Online Advertising

On May 15, 2014, the U.S. Senate Homeland Security and Governmental Affairs Committee’s Permanent Subcommittee on Investigations (PSI) held a hearing with industry stakeholders and  a representative of the Federal Trade Commission (FTC) to  examine potential security threats that Internet users may face from online advertising, specifically the potential for cybercriminals to use online advertising to deliver malicious software. During the hearing, Senator John McCain (R-AZ), Ranking Member of the PSI, discussed findings and recommendations from a related PSI report released a day before the hearing.1  At the hearing, Senator McCain announced that in light of potential security threats in online advertising, he is considering reintroducing the Commercial Privacy Bill of Rights Act, a bill that he co-introduced with former Senator John Kerry in the previous session of Congress.

The PSI report focuses on the potential threat of “malvertising,” defined as “advertisement-based malware,”2 and includes recommendations for advertisers and self-regulatory groups to  take action to address such security threats.  The report recommends that the industry: (1) establish better practices and clearer rules to prevent online advertising abuses; (2) strengthen security information exchanges within the online advertising industry to prevent abuses; (3) clarify specific prohibited practices in online advertising to prevent abuses and protect consumers;  and (4) develop additional “circuit breakers” to protect consumers.

During the hearing, Senators McCain and Carl Levin (D-MI), Chairman of PSI, questioned industry stakeholders on how they plan to address potential consumer concerns regarding malvertising. Representatives of tech companies testifying at the hearing described the data security protocols and technologies their companies have in place to help address the issue, such as robust scanning to detect malware. Lou Mastria, Executive Director of the Digital Advertising Alliance (DAA), discussed how the DAA’s Self-Regulatory Principles offer consumers transparency and choice to control the collection and use of web viewing data by third parties for advertising purposes. Maneesha Mithal, Associate Director of the FTC’s Division of Privacy and Identity Protection, explained the FTC’s concerns regarding malvertising and noted  that the FTC encourages industry self-regulation in online advertising.