Intel drafts privacy license for mobile device software
Consumer-friendly policy requires good behavior from developers
IDG News Service - Intel Corp. has attached a privacy license to its new location-aware software product, intended to protect cell phone users’ personal information as mobile devices increasingly rely on tracking technology to provide targeted services.
Installed on a smart phone or ultramobile PC, location-aware software can use GPS (Global Positioning System) technology to produce tailored information like driving directions, nearby restaurants and movie schedules. The downside of that feature is that handsets can double as tracking devices if location data is not kept private. The abuse of such access could range from civil liberties violations to physical threats in the cases of vulnerable people like battered spouses, Intel fears.
So, Intel has added a privacy addendum to the Eclipse Public License it uses for the software application called Privacy Observant Location System (POLS), according to a posting on Intel's Web site by John Miller, the privacy and security policy manager of Intel's corporate technology group.
The addendum says that vendors must inform the end user what information is recorded and how long it is stored, and it requires developers to include opt-out capability so users can change those settings, Miller said.
POLS is a tool for mobile application developers that determines its location by triangulating between nearby radio beacons such as GSM (Global System for Mobile Communications) cells or Wi-Fi access points. Location-aware devices use various approaches, relying on the wireless provider to track every device, or on GPS chips, which can have poor reception in dense cities.
POLS supports eight models of Windows Mobile-based phones made by HTC (High Tech Computer Corp.) and Motorola Inc., branded by carriers including Audiovox Corp., Cingular Wireless, Orange PLC and T-Mobile USA Inc.
While Intel's ethics concerns are compelling, the market may be slow to react to this initiative because so few customers actually use location-based technology, analysts say.
Only 10% of the PDAs sold today are equipped with internal GPS antennas, and most of those are in Europe, where the more complex roads and diversity of languages have made street mapping a larger market, said Todd Kort, principal analyst for Gartner Dataquest.
In contrast, nearly 90% of CDMA (code division multiple access) phones from Sprint Nextel Corp. and Verizon Communications Inc. offer assisted-GPS technology, which relies on Intel's type of cell tower navigation technique. But most users don't know it exists or have chosen not to use it, he said.
"It's great that it's there, and someday we'll appreciate it, but it is something that's in the back of Americans' minds and will not be a driving force for sales," Kort said.
In the meantime, Intel faces a continuing challenge as it must convince developers to abide by its privacy initiative. The new addendum is useless if software developers don't obey it, so the company has begun a campaign to build support in the open-source community. Intel has asked members of the Open Source Initiative to refine and adopt the policy as an acceptable amendment to the OSI's standard open-source license, and made available to the open-source community at large.
"We believe that a bottoms-up effort to encourage the development of privacy-sensitive social norms is necessary, and in fact critical, for both privacy and public adoption of the technology," Miller said. "We post this information here with the hope that others will see value in this approach."
Intel drafted the policy after discussions with the Value Sensitive Design Research Lab at the University of Washington, with other academics at the University of California, Berkeley, and Johns Hopkins University, and with private-sector lawyers.
- Mobile First: Securing Information Sprawl Learn how the partnership between Box and MobileIron can help you execute a "mobile first" strategy that manages and secures both mobile apps...
- Cybersecurity Imperatives: Reinvent your Network Security The Rise of CyberSecurity
- Surescripts Case Study- Securing Keys and Certificates Surescripts implemented Venafi's Trust Protection Platform™ to secure digital keys and certificates, ensure the privacy and confidentiality of electronic clinical information for its...
- Ponemon 2014 SSH Security Vulnerability Report According to research by the Ponemon Institute, 3 out of 4 enterprises have no security controls in place for SSH which leaves organizations...
- Live Webcast How to serve up a Grand Slam with a scalable IT Infrastructure for cloud, big data and advanced analytics Register today to attend this webcast, and see examples of how The U.S. Tennis Association, Wimbledon and U.S. Golf Association are using the...
- Live Webcast Security Vulnerabilities Associated With Having Local Administrator Privileges Viewfinity will demonstrate how removing admin rights and granularly managing privileges at the application level reduces the attack surface.
- Live Webcast IBM FlashSystem V840: Leveraging Software-Defined Flash to Drive Your Business With end-to-end, tightly integrated functionality and super-fast flash technology, products like IBM FlashSystem V840 Enterprise Performance Solution empower businesses to leverage the efficiency...
- Responding to New SSL Cybersecurity Threat The featured Gartner research examines current strategies to address new SSL cybersecurity threats and vulnerabilities.
- Deep Dive into Advanced Networking and Security with Hybrid Cloud Security and networking are among the top concerns when moving workloads to the cloud. VMware vCloud® Hybrid Service™ enables you to extend your...