WASHINGTON — If you’re swiping right on Tinder, the company knows where you are.
That’s kind of the point — you’re trying to find out who exactly is 0.5 miles away, after all. But Sen. Al Franken also wants to make sure you know that Tinder is taking your GPS data, and who else they’re sharing that data with.
On Tuesday, Franken introduced the Location Privacy Protection Act of 2015 in the U.S. Senate, which would require companies to get the consent of users before they share location data they’ve collected with third parties. The legislation — which Franken has introduced three times before — is also being branded as an anti-stalking, anti-domestic violence measure: it would ban smartphone apps that use location data to help stalkers find and harass victims.
Despite that broadly agreeable provision, it’s still unlikely other elements of the bill will gain much traction in the Republican-held Congress.
In an interview with MinnPost, Franken explained, “the basic premise here is that people have a right to privacy, and this bill is about your location being tracked. You have a right to know who’s taking your location and if they’re sharing it with other people.”
Franken, who is the top Democrat on the Senate Judiciary Subcommittee for Privacy, Technology, and the Law, said the genesis of his law was testimony from the Minnesota Coalition for Battered Women, which told the story of a St. Louis County woman whose abusive partner used stalking software to discover she was seeking a restraining order. Franken said three-quarters of domestic violence shelters have reported use of stalking apps.
“It’s an incredibly large law enforcement problem,” Franken said.
Loopholes persist in privacy law
In a summary of his proposed legislation, Franken says that stalking apps are legal and brazenly market themselves to consumers, thanks to a so-called loophole in the Electronic Communications Privacy Act of 1986 that lets companies gather and share GPS data with third parties. It’s why an app that might not need your location (a game, for example) requires your location anyway — so it can show you targeted ads that third-party vendors in the area have paid to run.
As any smartphone user knows, apps that collect location data will notify the user of that fact before use and give the user a choice to opt out. But details on whether or not that data is shared with third parties is often buried in the fine print, and Franken’s law envisions a notification that makes it more explicit to users. “We’ve actually worked with a lot of these stakeholders in this and crafted our legislation to be easy to comply with,” Franken said.
But the tech and advertising companies that rely on — and, increasingly, profit enormously from — this data have pushed back against the bill, arguing that it would have unintended consequences. In a 2014 story on that session’s version of the bill, the National Journal newspaper called GPS data collection the “golden goose of mobile advertising,” a $43 billion a year industry in total.
The Interactive Advertising Bureau, a digital advertising trade group, told National Journal that version of Franken’s bill could harm their industry as well as the larger app development industry. “The misappropriation of a user’s data for criminal activity is distinctly different from the legitimate commercial practices that consumers have come to expect and value; and, is responsible for much of the free or low-cost digital services and applications we enjoy today.”
Privacy watchdog groups, however, appear to be pleased. Mark Jaycox, a legislative analyst with the Electronic Frontier Foundation said Franken has been a “great advocate” on privacy issues.
The proposed law “clearly has an enforcement authority and the transparency angles. Consent is also very important and the bill touches on all of these aspects.”
Path ahead is uncertain
For his part, Franken acknowledged that industry groups weren’t happy about certain provisions in his law, but said “there is real agreement on the stalker piece of it. That is going to be the easier lift.”
When asked why he didn’t separate the two topics and advance the anti-stalking measures in a separate bill, Franken said, “I’ve introduced it the way I’ve introduced it for a reason. When they’re taking your location, that’s a lot of sensitive information…this data can be used in a very sophisticated way that ultimately leads to a very troublesome violation of basic privacy rights.”
The bill will now head to the Privacy, Technology, and the Law Subcommittee, which Franken chaired before Republicans took over the Senate this year. The first iteration of his law cleared subcommittee in 2012 but did not get a vote on the Senate floor, and the 2014 version failed to advance.
It’s doubtful that a bill placing new regulatory restrictions on tech companies — even with a popular anti-stalking element — will get much play in the Republican Senate. Indeed, the bill has six co-sponsors, but all are Democrats, including Massachusetts Sen. Elizabeth Warren, California Sen. Dianne Feinstein, and Illinois Sen. Dick Durbin. “Some of my Republican colleagues have some issues with this,” Franken admitted. “I think they can be worked through.”
Ultimately, Franken said, the focus of the debate should be on the people most hurt by the misuse of GPS data. The millions of Americans who use a service like Facebook, he said, “have the right to say, ‘Gee, I don’t want you to do that,’ or, ‘Fine, I don’t care.’ A lot of people feel that way.
“I say you don’t have to care,” he went on. “You can sign onto anything that takes your location… Obviously, the stalker part affects people who have no idea that’s being done. That’s led to awful consequences of people being assaulted.”