CTIA Proposes Guidelines for Guarding Privacy of Caller Location Information
CTIA is proposing “best practices” on privacy rules for location-based services (LBS), such as applications that track caller location to provide weather alerts, driving directions, traffic updates and concierge services. Sources said Thursday that LBS privacy could emerge as a major issue, comparable to the FCC’s focus on pretexters, who lie to obtain calling records. In 2002, the FCC rejected a request by CTIA for LBS regulations.
Sign up for a free preview to unlock the rest of this article
Communications Daily is required reading for senior executives at top telecom corporations, law firms, lobbying organizations, associations and government agencies (including the FCC). Join them today!
“This is poised to become a very big issue,” said John Verdi, who tracks it for the Electronic Privacy Information Center. It filed the complaint that led to tougher FCC rules requiring carriers to protect customer proprietary network information. “When you're dealing with pretexting… the information obtained may result in identity theft or stalking,” Verdi said. “Location-based information may result in actual physical violence. I think the level of seriousness is heightened.”
The CTIA guidelines lay out criteria for LBS providers. For example, a company that sells software that takes advantage of a cellphone’s GPS capability would be considered a provider, but the wireless carrier that provides the network wouldn’t. CTIA also proposes basic principles. “The hallmark of these guidelines is notice,” the draft says. “LBS providers must inform LBS users about how their location information will be used, disclosed and protected so that a potential LBS user can make an informed decision whether or not to use the service or authorize the disclosure.”
CTIA General Counsel Michael Altschul told the FCBA’s Wireless Committee Thursday that his group is looking for advice on the draft guidelines. They were “surprisingly difficult” to develop, he said. “Every time we thought we had caught up… new services kept cropping up.”
Altschul said the CTIA board will consider the guidelines in April. “This is something our members want,” he told us. “They're very concerned about a bad actor giving everyone a black eye and they want to put out a set of best practices.” He said guidelines are preferable to FCC rules. “It may be very hard for policymakers to strike the right balance,” he said. “The guidelines have a lot of examples which we hope will begin to educate everyone, stakeholders and policymakers, as to the complexity and range of issues.”
In 2002, the FCC rejected a CTIA petition seeking a rulemaking on LBS privacy, partly because “commercial wireless location-based services are in a developmental stage and are just beginning to emerge.” Altschul said “the commission at that point thought that the services were not sufficiently deployed and also suggested that industry best practices would be a more flexible approach.”
Commissioner Michael Copps dissented from the 2002 decision, saying the FCC should approve “clear rules” for LBS providers to follow. “Does the majority’s inaction in this proceeding mean that they expect to deal with these critical issues in individual, piecemeal decisions after consumer privacy has been violated?” he asked. “We cannot afford this dangerous course.”