- A bill introduced in the New York City Council this week would ban telecommunications carriers and mobile apps from sharing users' location data, collected anywhere in the city's five boroughs, to third parties without permission. Councilman Justin Brannan introduced the legislation, believed to be the first of its kind in the United States.
- It comes with some telecoms under scrutiny for allegedly selling customers' data to bad actors like bounty hunters. AT&T is the subject of a class action lawsuit in California from the Electronic Frontier Foundation (EFF) for allowing access to customers' location data without permission.
- Brannan introduced the bill due to what he says is the inaction of the federal government to tackle issues around data privacy. "It's really focused on protecting the consumer, who is completely unaware that their data is being bought and sold on the market," Brannan told Smart Cities Dive in an interview.
If DC won’t ban this dangerous breach of privacy, NYC can lead the way, and protect people in the process.— Justin Brannan (@JustinBrannan) July 23, 2019
My bill would make it illegal for cell companies and mobile apps to share your location info without your explicit permission. https://t.co/QikRzutQcA
Federal privacy legislation has been the subject of much debate in Congress for several months now, albeit with little tangible progress, so Brannan said he is seizing the bull by the horns with this city-level bill. He said that major cities like New York can be leaders in this and other areas, especially if the federal government chooses to take a back seat.
"The fact that people's data is being sold and harvested to third parties is frankly scary," Brannan said. "If the federal government won't get involved and ban this dangerous breach of a person's privacy, then New York City needs to lead the charge and we need to protect people in the process."
An investigation by Motherboard earlier this year found that any cellphone users' location data can be bought for as little as $300, and that telecom companies were making that data available to third parties without checking for authorization. Brannan said this legislation is designed to protect most people who aren't aware of such schemes and do not know how to prevent it. It could also be part of a broader city-level push to crack down on bad business practices.
"This is our job," Brannan said. "It's our time to find out what our jurisdictions are, what our legal avenues are and to come up with something airtight to fight this."
Brannan's legislation may face opposition from telecom companies, who said earlier this year they have stopped the practice altogether but may still be subject to action from the Federal Communications Commission (FCC). In a statement, officials with the Interactive Advertising Bureau (IAB), the national trade association for the digital media and marketing industries, said they would review the bill but that they support its goals.
"IAB supports strong consumer privacy protections for personal information, including for precise location data, that prevents companies from using consumer data in ways that are unexpected and harmful," Dave Grimaldi, IAB's executive vice president of public policy, told Smart Cities Dive in an email. "Consumers and businesses need and deserve a uniform national data privacy law that protects consumers regardless of where they reside while preserving the benefits that come from responsible use of data."
The bill has also received support from EFF, which praised the bill for giving customers control over who gets to see their data.
"Users need strong privacy protection laws at the local, state, and national level to prevent the sharing and sale of their data without consent," EFF spokeswoman Karen Gullo told Smart Cities Dive in an email. "Tech and telecom companies have failed to protect, and have profited, from their customers' data."