Lawmaker pushes consumer notification bill in wake of Carrier IQ concerns
Markey's bill would require phone companies to notify consumers of tracking software on handsets
Computerworld - U.S. Rep. Edward Markey (D-Mass.) has proposed a bill that would require all phone companies to notify consumers of any user tracking and monitoring software in their cell phones.
Markey's proposed Mobile Device Privacy Act is in response to the recent controversy surrounding the use of Carrier IQ's user tracking software in millions of mobile phones from companies such as Sprint, AT&T and T-Mobile.
"Consumers have the right to know and to say no to the presence of software on their mobile devices that can collect and transmit their personal and sensitive information," Markey said in a statement today.
The bill would require phone companies to follow a laundry list of items before they can install and collect data using mobile-tracking tools.
The bill, for instance, would require companies to disclose the presence of tracking software in their handsets at the time of purchase. It would also require them to notify consumers if any tracking software is installed on their phones after sale, via software upgrades or in mobile applications.
The disclosure would need to include details such as the type of information that will be collected, how the information will be used and with whom the data will be shared.
Phone companies would be required to obtain explicit opt-in consent from users before they can collect data from mobile handsets. Third parties that collect or access such tracking data also would be required to have policies for protecting that data. All agreements with third parties would be filed with the Federal Trade Commission and the Federal Communications Commission.
Markey's proposed legislation is still only a discussion draft and there's no telling how far it will go in Congress. Still, it is a reflection of the widespread concerns caused by the discovery last November, that several phone companies had installed Carrier IQ's data collection software on their mobile handsets without notice or user consent.
Carrier IQ and the phone companies have steadfastly maintained that the software was used only to collect network and device-related data and not personal information.
However, their repeated assurances have done little to squelch concerns related to the use of Carrier IQ's software.
Markey, a senior member of the House Energy and Commerce Committee, last month asked the FTC to investigate whether Carrier IQ had violated statutes associated with unfair and deceptive trade practices.
Earlier this month, U.S. Reps. Henry Waxman (D-Calif.), G.K. Butterfield (D-N.C.) and Diana DeGette (D-Colo.) called for a similar investigation of the data collection and transmission capabilities of Carrier IQ's software and similar products from other vendors.
Following the outcry, Sprint said it would disable Carrier IQ's software on all 26 million handsets on which it had been installed. Apple said it would do the same on all iPhones in which Carrier IQ's software had been installed.
Jaikumar Vijayan covers data security and privacy issues, financial services security and e-voting for Computerworld. Follow Jaikumar on Twitter at @jaivijayan or subscribe to Jaikumar's RSS feed . His e-mail address is email@example.com.
- Lawmaker pushes consumer notification bill in wake of Carrier IQ concerns
- Goodbye 2011 ... What a year!
- Sprint disables Carrier IQ software on its handsets
- Iran tricked U.S. spy drone into landing in country, report says
- FBI never sought Carrier IQ data, director says
- Carrier IQ moves to allay fears of its tracking software
- FBI rejects FOIA request for Carrier IQ info
- Google's Schmidt calls Carrier IQ software a keylogger
- Carrier IQ downplays 2010 patent request
- 8 companies hit with lawsuit over Carrier IQ software
Read more about Privacy in Computerworld's Privacy Topic Center.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
Red Hat Enterprise Linux - The Original Cloud Operating System
Linux adoption is growing against a number of measures, such as the
number of supercomputers that run Linux and the size of the contributing...
- OpenStack Hype vs. Reality: CIO Quick Pulse Open-source architecture can enable IT departments to build infrastructure-as-a-service (IaaS) clouds running on standard hardware.
- Building a Bridge to the Next Generation Data Center Selecting a widely adopted operating system is a foundational component of a standardization strategy.
- OpenStack and Red Hat: IDC White paper Most OpenStack deployments are by public cloud providers that are early adopters of technology and use OpenStack in a do-it-yourself deployment and support...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have. All Privacy White Papers | Webcasts