"Because individuals often carry their mobile devices with them, location data may be collected everywhere and at any time, often without user interaction, and it may describe both what a person is doing and where he or she is doing it," according to the prepared testimony of John Morris, Director of the Internet Standards, Technology and Policy Project for the Center for Democracy and Technology.
The House Energy & Commerce Subcommittee on Commerce, Trade and Consumer Protection and the Subcommittee on Communications, Technology and the Internet are holding a joint hearing this morning to review possible action by Congress to protect consumers' privacy.
The near-exact location-tracking technology can reveal visits to potentially sensitive destinations, like medical clinics, courts, political rallies and union meetings. It has also increased the risk of stalking and domestic violence as perpetrators are able to use location-based services to gain access to location information about their victims, Morris plans to tell the committee today.
Companies that use the location-based services say they have baked privacy protections into the product. Jerry King, Chief Operating Officer for uLocate, said consumers can choose not to allow its product to detect their locations. Consumers can also manually set their location to a place other than their actual position to maintain privacy.
King said uLocate can also serve location-aware ads that have proven very successful, boosting the mobile economy. "We do not share personally identifiable location information of users with any third parties," he said.
Another service provided by Useful Networks requires consumers to "check in" when they arrive at a location, forcing them to "opt in" to any interaction with the service.
Michael Altschul of CTIA, the wireless industry's trade group, said its members are in the process of revising its guidelines for collecting and sharing location information to reflect the fact that wireless carriers are not always involved in the collection process.
Consumers can download an application to a handset without any involvement or knowledge by a wireless carrier, so CTIA's guidelines must now also address software providers.
Still, Altschul said CTIA requires service providers to clearly notify consumers of how their location data will be used and to periodically remind them when their data is being shared with others.
Congress, he said, has a oversight role in making sure services abide by the guidelines, as well as clarifying how location data may be released to law enforcement.
"Service providers need clarity as to not be caught in the middle of these disputes regarding the appropriate legal standard," according to his prepared testimony.
Committee members will get to weigh in at the 10 a.m. hearing.