Mobile Device Privacy Legislation Proposed


[author: Jill Westmoreland]

Rep. Ed Markey (D-Mass.) introduced the Mobile Device Privacy Act (H.R. 6377) which would require disclosure of the use of monitoring software on mobile devices; consent to the collection of information, including a user's location, that is collected using monitoring software; and information security policies and procedures to safeguard collected data.

The bill authorizes the FTC to promulgate regulations that would require certain entities to make clear disclosures about the use of monitoring software with the capacity to monitor the use of a mobile device or the location of the user and to transmit the information to another device or system.

The disclosure requirements would apply to sellers of mobile devices that have monitoring software installed on the device, certain providers of commercial mobile or data services, manufacturers of mobile devices or mobile operating systems that install monitoring software on a device after it is sold to a consumer, and operators of websites where consumers can download monitoring software for mobile devices. These entities would be required to make the following disclosures:

1. The fact that monitoring software is installed on the mobile device, or the fact that the software the consumer is downloading is monitoring software;
2. The types of information the monitoring software is capable of collecting and transmitting;
3. The identity of any person who receives such information;
4. How such information will be used; and
5. Procedures for consumers who have consented to such collection and transmission to opt out of future collection and transmission.

Express Consent
Those subject to the disclosure requirements would be required to obtain the express consent of consumers prior to any data collection by monitoring software and to provide consumers who have consented to the collection and transmission an opportunity to opt out of future collection and transmission.

Information Security
The Act would also authorize the FTC to require anyone who directly or indirectly receives information transmitted from monitoring software that is subject to the disclosures to establish and implement policies and procedures for safeguarding that information.

The Mobile Device Privacy Act would be enforced by the FTC, FCC, and state Attorneys General. The bill also permits a private right of action whereby consumers could be compensated up to $3,000 per violation if those violations are deemed willful or knowing.

This bill follows the FTC’s publication of a guide to help mobile app developers comply with truth-in-advertising standards and basic privacy principles when marketing new mobile apps.


Written by:

Published In:

DISCLAIMER: Because of the generality of this update, the information provided herein may not be applicable in all situations and should not be acted upon without specific legal advice based on particular situations.

© Loeb & Loeb LLP | Attorney Advertising

Don't miss a thing! Build a custom news brief:

Read fresh new writing on compliance, cybersecurity, Dodd-Frank, whistleblowers, social media, hiring & firing, patent reform, the NLRB, Obamacare, the SEC…

…or whatever matters the most to you. Follow authors, firms, and topics on JD Supra.

Create your news brief now - it's free and easy »

All the intelligence you need, in one easy email:

Great! Your first step to building an email digest of JD Supra authors and topics. Log in with LinkedIn so we can start sending your digest...

Sign up for your custom alerts now, using LinkedIn ›

* With LinkedIn, you don't need to create a separate login to manage your free JD Supra account, and we can make suggestions based on your needs and interests. We will not post anything on LinkedIn in your name.