New House bill targets mobile device tracking software

Summary:Massachusetts Rep. Ed Markey's proposed Mobile Device Privacy Act is aimed at protecting device users.

A mobile phone privacy bill that would require vendors to disclose tracking software and get end-user consent before activating that software was introduced Wednesday into the U.S. House of Representatives.

Massachusetts Rep. Ed Markey (D) proposed the Mobile Device Privacy Act (H.R.6377), which would cover any mobile services, device or vendor offering downloadable mobile applications.

In addition to disclosing monitoring capabilities and obtaining consent, the bill would require the party receiving the personal information taken from the device to have policies in place to secure that information. Companies would also be required to file agreements on the transmission of personal information with the Federal Trade Commission (FTC) and Federal Communications Commission (FCC).

The bill was referred to the Committee on Energy and Commerce with Rep. Diana DeGette (D-Colo.) listed as a co-sponsor.

The legislation grew out of Markey’s request last year to the FTC to investigate Carrier IQ, whose software was discovered on hundreds of thousands of devices to the surprise of the owners of those devices.

The proposed legislation requires that consumers be told what type of monitoring software is installed, what information is being monitored and transmitted, the identity of the person or persons who will see or share the data, how the data will be used, and the procedures the consumer must follow to discontinue the monitoring and collecting. The FTC is also provided latitude to add to the regulations.

The Mobile Device Privacy Act is less specific about forms of disclosing that monitoring software is active, saying that it must be “made in a clear and conspicuous manner, to be determined by the Federal Trade Commission.”

Consumers are already getting hip to tracking and monitoring.

A study released Wednesday by the Pew Research Center, found that half of American adults who use smartphone apps decided not to install applications that demanded too much personal data.

Under the proposed legislation, consumers could be compensated up to $3,000 per violation if those violations are deemed willful or knowing.

The Electronic Privacy Information Center (EPIC) supports Markey’s legislation and in July recommended that the FTC require mobile carriers to implement comprehensive privacy and security protections based on Fair Information Practices.

Opposition arose from the Software & Information Industry Association (SIIA). On it’s blog, Mark MacCarthy, vice president of public policy for SIIA, wrote the bill is “the wrong way to go. It would impose rigid privacy rules on the mobile industry that can only lead to stagnation and a loss of innovative dynamism.” The group, which counts major software vendors among its members, is concerned about a chilling effect on the “application economy”  in terms of jobs.

Topics: Mobility, Privacy

About

John Fontana is a journalist focusing on access control, identity, privacy and security issues. Currently, he is the Identity Evangelist for strong authentication vendor Yubico, where he writes and edits a blog, as well as, directs several social media channels and represents Yubico at the FIDO Alliance. Prior to Yubico, John spent five y... Full Bio

zdnet_core.socialButton.googleLabel Contact Disclosure

Kick off your day with ZDNet's daily email newsletter. It's the freshest tech news and opinion, served hot. Get it.

Related Stories

The best of ZDNet, delivered

You have been successfully signed up. To sign up for more newsletters or to manage your account, visit the Newsletter Subscription Center.
Subscription failed.