Report calls for tougher rules to protect cellphone location data

ADVERTISEMENT

Mobile carriers can determine a phone's location based on the cell towers that it connects to or if it has a GPS chip. Location information can be shared with mobile applications or other third parties. 

The GAO noted that location information can be used to provide helpful services and more effective advertisements. But the office warned that the information can also enable consumer profiling, identity theft, stalking and government surveillance.

Police often do not use warrants to obtain historical location data from mobile carriers, the GAO wrote. 

"In addition to information related to a crime, the location data collected by law enforcement may reveal potentially sensitive destinations, such as medical clinics, religious institutions, courts, political rallies, or union meetings," the agency wrote.

The National Telecommunications and Information Administration (NTIA) is currently leading discussions between companies and privacy groups to develop codes of conduct for protecting mobile phone privacy. But the GAO report criticized NTIA for not developing "performance goals, milestones, or deliverables."

The report noted that the Federal Trade Commission has the authority to take action against companies that deceive consumers about their privacy practices. But the GAO urged the FTC to develop comprehensive industry guidelines for how companies should handle mobile location data.

"Without clearer expectations for how industry should address location privacy, consumers lack assurance that the aforementioned privacy risks will be sufficiently mitigated," the office wrote.

The GAO conducted the study at the request of Sen. Al FrankenAlan (Al) Stuart FrankenGillibrand defends her call for Franken to resign Gillibrand: Aide who claimed sexual harassment was 'believed' Kirsten Gillibrand officially announces White House run MORE (D-Minn.).

“I believe Americans have a fundamental right to privacy: to know what information is being collected about them and to be able to control whether or not that information is shared with third parties,” Franken said in a statement. “And this report clearly shows that mobile industry companies often fail to respect that right, giving out consumers’ location data without their knowledge or explicit consent."

He argued that the report shows the need for his Location Privacy Protection Act. The bill would require companies to get a customer's consent before collecting location information and before sharing it with other private parties.

Rep. Edward MarkeyEdward (Ed) John MarkeySenate Dems petition Saudi king to release dissidents, US citizen The Hill's 12:30 Report: Manafort sentenced to total of 7.5 years in prison Hillicon Valley: Google takes heat at privacy hearing | 2020 Dems to debate 'monopoly power' | GOP rips net neutrality bill | Warren throws down gauntlet over big tech | New scrutiny for Trump over AT&T merger MORE (D-Mass.) said he welcomed the GAO's call for tougher privacy protections. He urged Congress to take up his Mobile Device Privacy Act, which would also require consumer consent for location monitoring and would set data-security standards.