May 10, 2011
Representatives of Apple, Google, the Federal Trade Commission, the Justice Department and others testified today at a hearing of the Judiciary Subcommittee on Privacy, Technology and Law chaired by Senator Al Franken. Several quick impressions:
The Electronic Communications Privacy Act sorely needs to be updated to deal with the revolution in digital technology that has occurred since the ECPA was adopted decades ago. Amendments seem likely.
Google and Apple have been less than forthcoming about the privacy implications of their mobile technologies.
Steve Jobs should not have denied that iPhones track a user’s location. In a strained sense, the statement is true, but a more accurate and nuanced statement would have been that an iPhone and Apple and many other companies have routinely received time-stamped location data over the last year that gives amazingly detailed and frequent information about the phone’s, and inferentially the user’s, location.
Doubts were raised about how anonymous the “anonymized” location data is that Apple and Google collect and use.
Privacy issues are truly complex and will not yield easy answers, but some answers will emerge from this process that do not now exist.
The benefits of location technology are so useful and beguiling that the answer will not be to try to restrain the general developments in location technology.
Little attention is being given to the impact of location data upon criminal prosecutions and civil litigation as of now, but the congressional process will likely give this issue careful attention.
May 10, 2011
It is difficult for Apple and Steve Jobs fans to see Apple’s response to the recent revelations about location data created and stored on and by iPhones. Yesterday Apple issued a press release about last week’s report by Alasdair Allan and Pete Warden that iPhones with the iOS4 operating system create and store an enormous amount of time-stamped data about the phone’s, and inferentially the user’s, location. The following comments and questions show that Apple’s response is so abstemious as to mislead. Here are some follow-up questions and comments that would help clarify the legal issues that Apple will need to address.
Apple says that it is not “tracking” the location of your iPhone. Apple does not appear to dispute the claims of Allan and Warden that their iOS4-enabled iPhones recorded some sort of “lat-long” (latitude longitude location) data about 100 times a day ever since they got their iOS4-based iPhones. Apple admits that the iPhone records and keeps a cache of Wi-Fi and cell tower data “around” your location. Apple hints that speed is the reason for the creation and caching of this data as compared to the slower processes of GPS, which hints at the advertising, convenience and economic motivations that drive these faster technologies. But in light of all of this, to deny that Apple is “tracking” the cell phone is a semantic quibble.
A more forthright response might be: “We at Apple benefit from this wonderful technology, and so do you. We will be more forthcoming in the future so that you can make informed decisions about the tradeoffs we all must make between precious privacy and incredible economic and life-style advantages.”
Apple says that people are concerned because they are confused and because creators of location-based technology (including Apple) have not provided enough education. Perhaps Apple should add that people are rightly concerned because, even a week after the revelations about the surprising (to most people) iPhone location data, Apple is being so cagey about the problem and the solution.
Ouch! Apple says that the iPhone is not “logging” your location. This is true, unless “logging” means, as most of us use the word, keeping track of data that we or marketers or judges or law enforcement can get to and use in a pinch. Or, as Apple says in its very next sentence: “Rather, [your iPhone is] maintaining a database of Wi-Fi hotspots and cell towers around your current location, some of which may be located more than one hundred miles away from your iPhone.” And, as Apple could add: “Though the location data on your iPhone is not always accurate for reasons that are not yet clear, and sometimes could show that you were in South America when in truth neither you nor your cellphone has been in South America, it is only fair that we should warn you that criminal and civil courts in the United States are likely to allow such evidence in any criminal prosecution or civil litigation that you might ever care about.”
4. Crowd-Sourced Database
This paragraph contains some helpful information: when you sync your iPhone to iTunes on your computer, the detailed data about the cells and Wi-Fi hotspots that you have been in will be replicated on your computer. And: you can set iTunes to encrypt data. And: we plan to stop backing up “this cache” in a new software update soon. The unspoken implications, though, are probably unsettling to many iPhone users: “We could have fixed this earlier. Though there can be aberrations in recorded location data, the overall picture that emerges is surprisingly detailed and accurate.”
5. Data Sent to Apple v. Other Data
Apple says that Apple cannot locate the user based upon geo-tagged Wi-Fi hotspot and cell tower data routinely sent to Apple. This is gratifying as far as it goes, but the Senate Judiciary Committee Privacy Subpanel led by Senator Al Franken will want additional answers at the hearing to which Apple and Google have been invited on May 10, 2011.
6. Year-Long Location Data
Apple says that the reason the iPhone stores so much location data for so long is a “bug” in the software, and that the iPhone does not “need” to store more than seven days of this data to assist the phone in the speed and accuracy of its location-based functions. Does this mean that Apple plans not to sell this data to third parties for marketing? Also, will this change affect – delete or purge or otherwise affect? – the location data that is already stored on an individual’s phone? Does Apple have the ability to do this?
7. Turning Off Location Services
Apple responds to a question about what location data is impacted by the Location Services function on an iPhone. Apple seems to imply that, once a user turns off Location Services, no location data will be generated or recorded or sent to Apple or any third party. Of course, this implication is way too broad. Apple seems to ignore GPS location data entirely. The congressional panel will surely ask follow-up questions about exactly what location technologies are impacted in what way by Location Services. Not all cell tower location will be disabled, for example. Otherwise, the cell tower could not find the phone and the phone could not function as a phone. And Apple phones will still be required to comply with federal regulations requiring a certain minimum ability to locate the cell phone for 911 calls.
8. Other Location Data
Apple responds to a general question about other location data, and reveals that it is working on a database to provide improved traffic (presumably cars) services “in the next couple of years.” A full answer to this question will probably require an examination of the economics of location-based marketing and other location-based services, which Apple mentions in the next paragraph.
9. Location Data to Third Parties
Last year, the Wall Street Journal showed that an enormous amount of data relating to iPhone and Android apps, including location data, is sold to third parties. In its press release yesterday, Apple discusses briefly this general issue, and acknowledges that “our iAds advertising system can use location as a factor in targeting ads,” but warrants that the user’s location is not provided to third parties “unless the user explicitly approves.” The new issues of this last week should re-focus the nation on the details of these important privacy and economic issues.
10. Importance of Privacy and Security
Apple says that it strongly believes that personal information security and privacy are important. Apple can demonstrate this belief by sharing with the Congress and the rest of us the important details of location privacy so that the Congress and we can make informed decisions about privacy, security, services and risk as we make decisions about how to enjoy the marvelous services and products that Apple has created.
Employers’ Right to Track Employees’ Location and Communications via Company-Issued Cell Phones and Computers
Done properly, an employer can continuously track an employee’s location and other personal information by monitoring data on the company’s cell phones and computers used by the employee. Done improperly, the company and the company’s managers and agents can be subject to serious criminal and civil penalties. The line between what is legal and what is illegal here is thin and faint, but important. There are few lines in the law so faint that separate so much as the line between the legal monitoring of an employee’s mobile devices and monitoring that constitutes a federal crime punishable by up to 24 months in prison.
This blog asks and comments on 12 questions that employees and employers alike must answer to understand what rights an employer has under federal law and some state laws to monitor or obtain cellphone data (mobile laptops present similar issues), and what rights an employee has to prevent the employer’s access to that information.
Because so much hangs on such fine distinctions, however, and because of significant variations among state laws, don’t try this at home without legal counsel. And don’t even think of applying any of this without legal counsel outside of the U.S. where laws may be radically different than in the U.S.
The abstractions about digital privacy are fairly clear and simple:
Most companies allow personal communications on company cell phones and computers. Even companies with policies that limit personal use of these devices often allow more personal use in practice than the restrictive policy allows.
Company ownership, as opposed to employee ownership, of a cell phone or computer increases the likelihood of company liability related to use of the cell phone, but also increases the right of the company to access and monitor data and communications on the phone or computer.
Intentional company “interception” of an employee’s cell phone and computer communications without the employee’s knowledge or consent can constitute a crime under the Stored Communications Act punishable by up to 24 months in prison. SCA § 2701. Other federal statutes also apply in some situations.
Certain employees may under some circumstances have a duty to monitor or access another employee’s cell phone or computer to comply with company policies or to protect the company’s intellectual property.
Most privacy analysis, whether under the U.S. or state constitution or federal or state common law, pivots on the issue whether a person under the particular circumstances had a reasonable (i.e., objective, as opposed to an actual or subjective) expectation of privacy. Company practices and policies have a big impact upon those expectations, and upon the reasonableness of the expectations.
Companies should assume that the law creates inertia in favor of some level of individual privacy. Efforts to overcome that inertia to allow company access and monitoring should be clear, detailed and consistently enforced.
Details and Questions
It’s the nettling details that raise all of the questions:
1. Who owns the phone?
Ownership of the device is important in determining an employee’s rights of privacy. Ownership is not by itself determinative, however. An employee may have privacy rights in data on company phones and computers, and an employer may obtain rights of access and monitoring of employee phones and computers under narrow circumstances.
2. Who owns the information stored on the device?
Likewise, agreements and policies about who owns the data can be important.
3. What do the employee manual and acceptable use policy say about employer access and monitoring?
Employee manuals and policies about the acceptable use of company computers and cell phones should be clear and detailed. Especially if rights of privacy and access are shared instead of absolute, these rights need to be defined in detail.
4. What does the employment contract say?
The more specifically and clearly the written employment agreement specifies a company’s access and ownership rights, and an employee’s right (and therefore reasonable expectation) of privacy, the more likely it is that those rights and expectations will be enforced. Many courts place greater weight upon agreements signed by both parties than on policies and manuals that may not have been read or understood by an employee. City of Ontario v. Quon.
5. Are the duties and rights of the company monitors clear?
To assure access and protection, a company should clearly specify what employees – in the compliance, legal or information technology departments, for example – have what rights and duties under what circumstances to monitor the cell phone and computer data of other employees. The authority of the company (by the board or otherwise, for example) to define and execute such rules and practices should be clear. Shefts v. Petrakis (2010).
6. What do employees know about the company’s actual monitoring practices?
Companies do not normally need to reveal the details of their monitoring practices for them to be lawful, especially where to do so would compromise the effectiveness of the monitoring. Still, the more that employees, and especially the employee involved in the matter, know that actual monitoring is being conducted, the more likely it is that an employee will be held not to have a reasonable expectation that such monitoring is not occurring.
7. Is encryption or privacy protection software permissible?
8. Are passwords allowed, and is their use clear?
Agreements about the duty and right to protect data by passwords should be clear. The company’s need and right of administrators or others to bypass passwords should be clearly stated in policies and agreements.
9. Does the applicable agreement or policy specifically apply to the type of data at issue, such as text, photos or location metadata?
A prohibition upon access to voicemail messages may not create a right to monitor location metadata, and the right to monitor email may not create a right to monitor text messages. City of Ontario v. Quon. An employee who can credibly argue, for example, that he did not appreciate what geolocation data was being created and stored on a smartphone may have more privacy rights in that metadata than if the policy specifies that such metadata may be created and stored by the mobile device in question, and is covered by the access policy.
10. What data from the employee’s phone or computer is stored where?
A policy should clearly define what data is covered by the policy, including data received or created by an employee that is stored on company servers and outside data service providers such as internet service providers and cloud data services. The more transparent a policy is about what data is subject to the policy, and what rights apply to the data on company or third party servers, the more likely those rights will be affirmed.
11. What policies or agreements exist regarding location privacy?
12. What procedures should be followed when a company is requested by warrant, subpoena or other legal process to reveal information from an employee’s phone or computer?
A company’s duties to respond to a civil or criminal subpoena can be tricky. U.S. v. Warshak (2010) (the express right of the government to obtain certain information granted by the Stored Communications Act without a warrant held to be unconstitutional). A policy should expressly allocate the protections and duties of the company and the employee when such requests are made.
2010 was the year that geolocation technologies such as mobile social networks and check-ins exploded into general use and awareness in the United States. In the final quarter of 2010, more mobile phones (100 million) were sold worldwide than PCs (92 million) for the first time. This blog summarizes how mass location based technology will impact criminal and civil litigation.
Three major developments in geo-technology portend a new world of location based electronic discovery (“LBED”) in civil and criminal litigation.
The first technological development is that computers have become so small, powerful, cheap, robust and connected – in short, so mobile – that most Americans now carry one in their purse or pocket.
The second development is the growing use of location technologies that create and store location metadata that is becoming ever more accurate, accessible and, for the truly “wired” (non-wired?), nearly continuous.
The third development arises from the first two: location based services and applications (“apps”) are changing the American business and social landscape as much as any development since the advent of automobiles and highways.