NYC Seeks to Ban Sharing of Location Data
The Federal Trade Commission has long policed locating tracking practices and the monetization of applications by displaying third-party advertisements. For example, FTC CID attorneys have aggressively pursued action against companies that did not receive opt-in consent before tracking the consumer’s location and regardless of the consumer’s location settings, undermining consumers’ location privacy preferences.
Geofencing is a hotbed of scrutiny by FTC attorneys. Precise geolocation data is sensitive personal information increasingly used in consumer products and services. The use of geolocation information can raise concerns because it can reveal a consumer’s movements in real time and provide a detailed record of a consumer’s movements over time.
Geolocation information may be sold to companies to help build profiles about consumers without their knowledge or consent, or it could be accessed by cybercriminals, hackers or through surreptious means such as “stalking apps.”
It is well-established that the FTC will use its enforcement authority under Section 5 of the FTC Act to take action against companies engaged in unfair or deceptive practices involving geolocation information. In fact, the FTC previously entered into a settlement with the mobile messaging app Snapchat, resolving FTC allegations that Snapchat made multiple misrepresentations to consumers about the disappearing nature of messages sent through its service, as well its transmission of users’ geolocation information.
Now, New York City Council members have proposed to ban location data sharing. More specifically, the City Council bill to ban the sharing of cellphone users’ geo-location data to marketers was recently presented for debate.
With limited exception, the proposed legislation would prohibit telecommunication carriers and mobile applications from sharing a user’s location data to third-parties when the data is collected while the mobile communication device is located in NYC.
The NYC Department of Information Technology and Telecommunications would maintain enforcement authority. Each violation would be subject to a civil penalty of $1,000. Multiple violations could potentially be capped at $10,000.
Consumers that have had their location data shared unlawfully would be provided with a private right of action and may be entitled to recover statutory damages of $1,000, per violation – with a potential cap – and attorneys’ fees.
Consult with experienced FTC CID attorneys to discuss the implementation of data privacy compliance protocols. Should this bill pass, digital marketers will be obligated to exclude NYC location data and marketing contracts will need to account for prohibitions on sharing location data. Further, vendor contracts with telecommunication companies and mobile applications should include explicit affirmations to not share location data from devices located in NYC.
Richard B. Newman is a digital advertising lawyer at Hinch Newman LLP. Follow FTC CID lawyer on Twitter.
Attorney Advertising. Informational purposes only. Not legal advice.