US senators unveil mobile privacy, data theft bills

The Location Privacy Protection Act would require companies like Apple and Google and applications developers to obtain express consent from mobile users before sharing information about their location with third parties.

The Data Security and Breach Notification Act would require businesses and nonprofits to put in place strong security features for safeguarding sensitive data and to notify consumers in the event of a breach of their systems.

Senator Al Franken, a Democrat from Minnesota who co-sponsored the mobile privacy bill, said it would ensure consumers know what location information is being collected and would let them decide if they want to share it.

"Our laws do too little to protect information on our mobile devices," Franken said in a statement.

"Geolocation technology gives us incredible benefits, but the same information that allows emergency responders to locate us when we're in trouble is not necessarily information all of us want to share with the rest of the world.

"This legislation would give people the right to know what geolocation data is being collected about them and ensure they give their consent before it's shared with others," Franken said.

Franken chairs the Senate Judiciary Subcommittee on Privacy, Technology and the Law, which held a hearing on mobile privacy in May featuring representatives from Apple, Google, the Justice Department and the Federal Trade Commission.

Representatives of Apple and Google both stressed their commitment to privacy at the hearing and said users can opt out of location-sharing on the iPhone and Google Android devices.

The data protection bill comes after a series of high-profile cyberattacks including one on Sony's online operations which may have compromised personal information for more than 100 million accounts.

"If companies are going to collect and store consumers' personal information, safeguarding that information should be priority number one," said Senator Mark Pryor, a Democrat from Arkansas who co-sponsored the bill.

"Unfortunately, we're seeing some very popular companies outsmarted by hackers," he said. "We need to pass strong security and notification standards before this problem spins further out of control."

Senator Jay Rockefeller of West Virginia, the other co-sponsor, said "the consequences of data breaches can be grave: identity theft, depleted savings accounts, a ruined credit score, and trouble getting loans for cars, homes and children's education.

"Companies that maintain vast amounts of consumer information need to have effective safeguards in place to keep sensitive consumer information secure," Rockefeller said.

The Data Security and Breach Notification Act would require businesses or nonprofit organizations that store personal information to establish reasonable security policies and procedures to protect the data.

In the event of a security breach, they would have to notify each individual whose information was accessed.

Consumers whose information was compromised would be entitled to receive consumer credit reports or credit monitoring services for two years.

(c) 2011 AFP