Fallout from the first day of privacy hearings

Jason Weinstein

The first day of hearings on Capitol Hill have brought to light a battle within two different sectors of the US government.  That really isn’t all that surprising.  Americans are used to the different branches of government wanting different things, and working toward opposite goals.  In this case it’s the Department of Justice versus the US Senate, and those members of the senate who argue for increased laws to shield citizen’s privacy.

The hearings today were supposed to be about securing our privacy, and keeping our personal information safe from prying eyes.  It sort of wandered off that track when the Department of Justice said that it would rather require mobile operators to collect and store MORE data on their users.  Jason Weinstein, deputy assistant attorney general for the criminal division said, ”When this information is not stored, it may be impossible for law enforcement to collect essential evidence.”

In January, CNET broke the news that the DOJ was starting a legislative push toward data retention.  In the wake of the Apple/Google LocationGate incident, though, the push has leaned toward increased privacy measures.  Weinstein added, ”Many wireless providers do not retain records that would enable law enforcement to identify a suspect’s smartphone based on the IP addresses collected by Web sites that the suspect visited.”

Weinstein did not elaborate on the proposal during an exchange with Senator Al Franken (D-Minn), whose subcommittee called for today’s hearings.  The measures being pushed by the DOJ directly conflict with the recommendations of the FCC, who also had representatives present today.  The FCC, by contrast, wants to adopt a policy of, ”not collecting or retaining more data than they need to provide a requested service or transaction,” said Jessica Rich, deputy director of the FTC’s bureau of consumer protection.

“I believe that consumers have a fundamental right to know what data is being collected about them,” Franken said. That can be, he said, “really sensitive information that I don’t think we’re doing enough to protect.”

Also testifying are Bud Tribble, Apple’s vice president for software technology and Google’s U.S. director of public policy, Alan Davidson. Microsoft did not make an appearance, even though it collects location information from Windows Phone devices with a unique ID.

While no specific bill has appeared as a result of the recent privacy concerns, there has been some Do-Not-Track legislation appearing, as well as calls for FCC investigations into Apple and Google.

What began as a hearing devoted to location privacy soon spiraled into entirely unrelated issues about computer security, the recent Sony security breach, mandatory notification for similar breaches, restrictions on mobile applications, and Google Street View.

Senator Chuck Schumer (D-NY) also called on Apple and Google to remove some apps from their markets, specifically those that alert drivers to law enforcement speed and alcohol traps.  These apps are completely legal, and in fact use publically published information in many cases, but the Senator believes they are a risk to public safety.

“How you can justify (selling) apps that put the public at serious risk?” he asked. “Why hasn’t Google removed this type of application?”

Davidson replied that while this is an “important issue,” Google has “a fairly open policy in what we allow.”

“In some cases the police department publishes when and where there’s going to be a checkpoint,” Tribble said, suggesting that if the information is public, an app that reproduces it should not necessarily be a problem.

All-in-all it looks like this is an issue we will not see resolved in a day or two.  There’s a lot of rights issues being thrown around here, and we’ll just have to wait for the dust to settle and see what comes of it.  You can let us know your opinion in the comments, though.  Should mobile operators collect data for the DOJ?  Should the government just butt out altogether?  Should they stop at Do-Not-Track legislation?