Location-aware services: one more thing to worry about
CYBEREYE
WILLIAM JACKSON
A new generation of location-based services threatens to open up a whole new can of worms in the debate over privacy. The government reportedly already mines consumer telephone records, and wireless applications that track a user's location could provide a rich new source of data for snoops.
Protecting this data was
the subject of a recent
panel discussion in
Washington hosted by
the Congressional Internet
Caucus Advisory
Committee. 'It is unclear what privacy
rules, if any, apply' to the information, said
John Morris of the Center for Democracy
and Technology.
But government rules alone, even if they
apply, are not adequate to protect privacy.
Recent history makes it clear that effective
control requires rigorous congressional
oversight to ensure that regulations and
laws are being observed, both by companies
that gather data and by the government.
Technology to pinpoint the location of
wireless users is becoming more sophisticated.
There are an estimated 40 million
fixed WiFi access points in the country,
and Skyhook Wireless Inc. of Boston plans
to use them to track customers.
'We know where they are,' said vice president
of marketing and development Jed
Rice. 'We currently have 200 people driving
around the U.S.' By this summer, Skyhook
expects to have mapped access points
in areas covering 75 percent of the U.S. population.
Those maps could be used to deliver
location-based services to mobile users.
Skyhook is already beta testing one of
those services. Loki, as it's called, integrates
with Google to provide location-specific
Web searching. WaveMarket Inc.
of Emeryville, Calif., is offering a service
through Sprint to let family members
track each other's cell phones. The Disney
Co. has announced a similar service.
'We think in the next few years, location
services are going to blossom,' said Jim
Smolen, WaveMarket's vice president of
strategic alliances.
As they do, privacy questions come to
the fore. As of now, service and application
providers such as Skyhook and WaveMarket
take their privacy rules from their carrier
customers. 'We are outside the reach
of regulation,' Rice said. 'What is driving
us now is capitalism.'
Smolen and Rice say their companies do
not track customers and do not gather and
keep identifiable data. But some data always
resides in the service provider's system,
for billing purposes at least, and it
could be vulnerable to warrants or misuse.
In 2001, CTIA'formerly the Cellular
Telecom Industry Association'petitioned
the Federal Communications Commission
for rules protecting location data produced
by applications. The goal was to establish
a 'uniform set of privacy expectations'
that would encourage consumer
demand for location-based services, said
CTIA vice president Michael Altschul.
FCC did not adopt these regulations. It
relies instead on a 1999 law requiring carriers
to secure location data gleaned from
E911 technology. But
this is exactly the data
that carriers have
been accused of turning
over to the National
Security Agency.
As it becomes easier to track every cell
phone, notebook PC, pager, text messager
and yet-to-be-invented mobile device, the
need to prevent abuse of data becomes
more urgent. Agencies will have to spell
out safeguards, and Congress must ensure
that abuses are not tolerated or ignored.
William Jackson is a GCN senior writer. E-mail him at wjackson@postnewsweektech.
com.