Jan 30th, 2012

Do privacy issues regarding mobile apps concern you? Or are you one of the “if you’re not doing anything wrong you shouldn’t have anything to worry about” types? Either way, the Carrier-IQ scandal caused a stir when the app was discovered pre-installed on mobile handsets, collecting data including geographic locations and times, without prior consent of the user. Congress is trying to prevent similar suspicious activity with the introduction of the Mobile Device Privacy Act.

If it passes, the bill could also have an impact on organizations such as CarrierCoverage.com — scheduled to officially launch in one week — which hope to crowd-source mobile performance metrics while being transparent, open, and honest about their methods and practices:

Whereas Carrier-IQ was built for private use by manufacturers/carriers, Carrier Coverage is built for consumers with the hope of offering accurate and unbiased reports on those very manufacturers/carriers. The Mobile Device Privacy Act will affect all of these groups.

The bill would enforce several requirements for companies doing any type of mobile tracking, most obviously that carriers, manufacturers, and app/game developers must disclose any tracking software installed on the device at point of purchase and/or make disclosure if installed afterwards. The user would have to provide consent and the company would have to make visible attempts to protect the data.

All of this sounds extremely fair, but it’s also concerning to consider the potential pitfalls of putting protection into text. As we all know, Congress doesn’t always get it right, and specific wording within the bill could make or break lawsuits and cases based on the act. Most obviously, note how the bill begins:

To require disclosures to consumers regarding the capability of software to monitor mobile telephone usage, to require the express consent of the consumer prior to monitoring, and for other purposes.

Great- so that means that software to monitor Android Tablets and iPads are protected? Call me crazy, but minute details and loopholes like these are unfortunately a big part of our legal system. And it goes both ways: just as there are loopholes for companies wanting to collect data there are likely sticking points where companies with good intentions could fall subject to fines and penalizations although acting in good faith.

We’re still quite a distance before any legislation becomes law, but given quotes like those from Al Franken-

“the default for collecting any kind of personal data should be opt-in consent,”

“we have a fundamental right to know what information is being collected about us and who it is shared with.”

-I think the motives are spot on. Let’s just hope they integrate them in such a way that services like Carrier Coverage aren’t faced with unsurmountable challenges while dealing consumers a fair hand.

What are your thoughts? Do you see a difference between Carrier-IQ and Carrier Coverage? Let us know how you think this legislation should move forward – if at all – in the comments below.

[CarrierCoverage.com, TheVerge, VentureBeat]