Rep. Ed Markey (D-Mass.) introduced a mobile privacy bill that would require disclosure of the use of monitoring software on mobile devices; consent to the collection of information, including a user's location, that is collected using monitoring software; and information security policies and procedures to safeguard collected data.

Disclosures

The proposed Mobile Device Privacy Act would authorize the FTC to promulgate regulations that would require certain entities to make clear disclosures about the use of monitoring software with the capacity to monitor the use of a mobile device or the location of the user and to transmit the information to another device or system.

The disclosure requirements would apply to sellers of mobile devices that have monitoring software installed on the device, certain providers of commercial mobile or data services, manufacturers of mobile devices or mobile operating systems that install monitoring software on a device after it is sold to a consumer, and operators of websites where consumers can download monitoring software for mobile devices. These entities would be required to make the following disclosures:

• The fact that monitoring software is installed on the mobile device, or the fact that the software the consumer is downloading is monitoring software;
• The types of information the monitoring software is capable of collecting and transmitting;
• The identity of any person who receives such information;
• How such information will be used; and
• Procedures for consumers who have consented to such collection and transmission to opt out of future collection and transmission.

Express Consent

Those subject to the disclosure requirements would be required to obtain the express consent of consumers prior to any data collection by monitoring software and to provide consumers who have consented to the collection and transmission an opportunity to opt out of future collection and transmission.

Information Security

The Act would also authorize the FTC to require anyone who directly or indirectly receives information transmitted from monitoring software that is subject to the disclosures to establish and implement policies and procedures for safeguarding that information.

Filing Copies of Agreements

Anyone who directly or indirectly receives information from monitoring software that is subject to the disclosures and who does not have an agreement with the consumer must file with the FTC or the FCC a copy of the agreement that permits the receipt of this information.

Enforcement

The Mobile Device Privacy Act would be enforced by the FTC, FCC, and state Attorneys General. The bill also permits a private right of action whereby consumers could be compensated up to $3,000 per violation if those violations are deemed willful or knowing. 

This client alert is a publication of Loeb & Loeb LLP and is intended to provide information on recent legal developments. This client alert does not create or continue an attorney client relationship nor should it be construed as legal advice or an opinion on specific situations.

Circular 230 Disclosure: To assure compliance with Treasury Department rules governing tax practice, we inform you that any advice (including in any attachment) (1) was not written and is not intended to be used, and cannot be used, for the purpose of avoiding any federal tax penalty that may be imposed on the taxpayer, and (2) may not be used in connection with promoting, marketing or recommending to another person any transaction or matter addressed herein.