Triangle-netbar

Breaking: HTC One review

The Senate's mobile privacy committee hearing

  • And we're underway -- Al Franken is welcoming people to the first hearing of this committee.
  • Franken is thanking Seantor Leahy, who helped to create the committee. Leahy's thanking Franken right back.
  • Leahy says that new devices have many benefits for consumers, but many threats to privacy. "I am very concerned about reports that the Apple iPhone and Google Android may be tracking user location"
  • He's concerned that companies might sell user locations without user consent -- "Great, so they can sell better ads."
  • And Leahy's turned things back over to Franken. "I want to take a moment to explain what this subcommittee is about." A "fundamental shift" in privacy.
  • "When I was a kid privacy was about protecting ourselves from the government.... Now we also have relationships with large corporations that have large amounts of our information."
  • "The existence of this business model is not a bad thing.... it's usually a good thing. I love that I can use Google Maps. Same for the app on my iPad that tells me the weather. But there needs to be a balance... because the Fourth Amendment doesn't apply to corporations."
  • "Why business might do a lot of things better than the government, government is at least directly accountable to the American people."
  • "We have some privacy protections here and there, but we're not close... I believe consumers have a fundamental right to know what information is being collected about them, and to control how that information is being used."
  • "This technology give us incredible benefits, let me repeat that.... but the same information that allows responders to locate us when we're in trouble is not information that we want to share all the time with the world."
  • Referencing the Wall Street Journal investigation that found 47 of the top 100 iPhone and Android apps transmitted user information without consent.
  • And we're going through the iPhone location tracking story, he's referencing Android as well. "In each of these cases users had no idea what was going on, and when they learned about it, had no way to stop it."
  • "When I sent a letter to Apple about location tracking, the first group to reach out to my office was the Minnesota Coalition for Battered Women."
  • "But it isn't just stalking -- I think this hearing will show that there is a range of harms that come from privacy breaches... our federal law does far too little."
  • "Privacy policies are generally so long and complicated they are generally not read before being dismissed."
  • "I just want to be clear -- the answer to this problem is not ending location-based services. No one wants to stop Apple or Google from doing what they do. You guys are brilliant. When people think of brilliance they think of the guys that founded your companies. Today is about finding a balance."
  • Turning it over to Senator Coburn. Joking that he's got an app to track Franken. Franken: "That makes me very nervous."
  • And we're back to Franken, who's starting the first panel. This round is Jessica Rich, deputy director of the FTC's Bureau of Consumer Protection and Jason Weinstein, Deputy Assistant Attorney General of the US Department of Justice.
  • Jessica Rich up now. The FTC has been protecting privacy for 40 years.
  • The FTC has hired technologists and created a mobile lab with various smartphones and software to gather and collect evidence.
  • "What is clear from our work is that the rapid growth technology has created serious privacy concerns."
  • The FTC has brought four cases against technology companies that improperly used consumer data.
  • Talking about the Google Buzz settlement, which includes a 20-year ongoing review of Google's privacy policies.
  • Talking about Twitter, which also is under 20 years of ongoing privacy and security audits by the FTC.
  • "I want to emphasize that while the mobile arena presents new challenges, the underlying concerns are ones that the FTC has been dealing with for 40 years. At bottom, it's about users knowing what's happening with their data."
  • Jason Weinstein making his opening remarks now.
  • "We have witnessed an explosion in mobile technology... Now more than ever the world is almost literally at our fingertips."
  • "As the use of mobile devices continues to grow, they are increasingly tempting targets for thieves and criminals."
  • Three types of threats -- first, cybercriminals and identity thieves.
  • "The line between mobile devices and personal computers is shrinking every day."
  • The second threat -- collection and disclosure of personal information by companies, including app providers.
  • The third category of threats comes from criminals who use technology to facilitate their own crimes. Law enforcement needs access to that data to catch the bad guys. "Many wireless providers do not maintain the records necessary to trace an IP address back to a cellphone... those records are absolutely necessary."
  • And it's question time for the first panel.
  • Franken: The FTC has said companies need "express affirmative consent before collecting four things: information about children, financial info, medical info, precise geographic location. Why is location important enough to get consent?
  • Rich: Location is collected over time, you can tell what church they've been to, what political meetings they go to. That is sensitive information.
  • Franken: A lot of people can and do get hold of my information when I use my smartphone. Under current law, each of those entities can disclose my location without me knowing it?
  • Weinstein: Yes, there are many restrictions on providers sharing your data with the government, but none preventing sharing location data with other companies. Some restrictions on medical info, etc. And some companies that don't fall under telecom law have no restrictions at all.
  • Franken: Do any companies in mobile have to meet data security standards? What's to prevent them from being hacked?
  • Weinstein: I'm not aware of any legal requirement that any company that has your data needs to secure that data in any way. There's also no requirement for data retention, which affects law enforcement, and companies say that if they do retain data they are at great risk of being hacked.
    It's something to consider.
  • Senator Coburn: Both of you have demonstrated that there's a lot you can do under current law. What else do you need legally without diminishing the benefits of technology?
  • Rich: The FTC hasn't sponsored any specific legislation, but they think companies should have "privacy by design" and develop products and services that maximize security of privacy data.
  • Coburn: Can you do that through regulation?
  • Rich: We use the FTC act to bring action against companies that don't do those things. We also want streamlined and easy choice for consumers. We don't see privacy options, and when we do it might take 100 clicks to get there. We want it to be easier for consumers to exercise choice.
  • Rich: The third piece is greater transparency overall -- privacy policies should be easy to read and easy to compare, and consumers should be able to access the data companies have on them.
  • Coburn: Do you have the ability to implement that under the FTC Act now?
Powered by ScribbleLive