June has seen a flood of activity on Capitol Hill seeking to protect consumer geolocational privacy. Within a few days of one another, three bills were introduced that, if enacted, would require consumer consent before geolocation information attained through mobile devices can be collected, used or disclosed to third parties. On June 14, 2011, Rep. Jason Chaffetz (R-UT) and Rep. Robert Goodlatte (R-VA) introduced the Geolocational Privacy and Surveillance Act (GPS Act) (H.R. 2168) in the House and, on June 15, 2011, Sen. Ron Wyden (D-OR) introduced companion legislation in the Senate (S. 1212). Similarly, on June 16, 2011, Sen. Al Franken (D-MN) and Sen. Richard Blumenthal (D-CT) introduced geolocational privacy legislation of their own – the Location Privacy Protection Act of 2011 (S. 1223).
Notably, both the GPS Act and Franken-Blumenthal bill prohibit the collection, use or disclosure of consumer geolocation data without consumer consent subject to certain exceptions. The GPS Act is broader in scope than the Franken-Blumenthal bill, applying to federal and state government entities as well as commercial service providers while the Franken-Blumenthal bill is limited to commercial service providers. Both bills would impose criminal and civil penalties for unlawful collection, use and disclosure of geolocation data and empower the states and Federal government to enforce consumer data protection. These bills build on the growing legislative activity on privacy and data security potentially impacting any entities that utilize consumer geolocation data.
Communications service providers, mobile application developers and device-makers that utilize geolocation data need to be aware of these developments and the potential implications for their business models and data flow processes. Click here for more on the key provisions of the GPS Act and Franken-Blumenthal bill.
Christopher S. Koves contributed to this post.