On June 15, 2011, Senator Al Franken (D-MN) and Senator Richard Blumenthal (D-CT) introduced the Location Privacy Protection Act of 2011 (the “Act”). As we reported previously, Senator Franken is chairman of the newly-created Senate subcommittee on Privacy, Technology and the Law. In his press release, Senator Franken explained that the Act is designed to “close current loopholes in federal law” while giving customers the ability to learn about and prevent the collection of their location information. The Act would apply only to non-government entities and would not impact law-enforcement activities. At a May 10, 2011 hearing, both Google and Apple were questioned about their privacy practices, and Franken subsequently challenged them to require their application developers to adopt clear and understandable privacy policies.
According to a summary of the legislation provided on Senator Franken’s website, both the Electronic Communications Privacy Act and the Video Privacy Protection Act served as models for the Act’s provisions. The Act would require companies that get location information from smartphones or other mobile devices to obtain their customers’ express consent before collecting the data or sharing it with third parties. In addition, companies that receive location information from more than 5,000 mobile devices would be obligated to “take reasonable steps to protect that information from reasonably foreseeable threats.” Finally, companies would have to respond to any customer’s inquiry regarding whether they have his or her location information, and delete such information upon request.
The Act coincides with increased litigation surrounding the use of location information. As we reported earlier this month, a federal class action complaint recently filed against Google alleges that the company’s Android phone “engaged in illegal tracking and recording of [the p]laintiffs’ movements and locations . . . without their knowledge or consent.”