Tuesday, December 31, 2013

ICYMI Top 5 Spatial Law and Policy Stories From the Past Week

The Centre for Spatial Law and Policy prepares a weekly update for its members. Listed below are links to five stories from the past week that will impact the geospatial community.  More information about the Centre for Spatial Law and Policy can be found here.  

Directions Magazine eBook on Spatial Law - Directions Magazine has published a compilation of articles from its website related to Spatial Law and Policy. They asked me to write the introduction. (The book is free) 

Google Street View Case Granted a Rehearing  (Slaw) I highly recommend reading the article and then the comment - it is a terrific example of how lawyers/policymakers and engineers can use the same language to mean different things. 

Innoweb BV v Wegener ICT Media BV,  (court decision) Recent decision from European court that will impact use of OpenStreetMap data subject to the OpenDatabase License.

Government Take Down Requests Rising Says Google  (Forbes) This story has been reported in previous updates, but I noted a quote that highlights how organizations (in this case government agencies) will try to use legal uncertainties to address policy (or personal) concerns. 

The Chief Data Officer: an executive whose time has come.  (GigaOm)  I believe a Chief Data Officer would also be beneficial in addressing concerns over privacy, intellectual property rights, licensing, data quality, etc. 


Monday, December 16, 2013

Recent Federal Trade Commission (FTC) Settlement Will Make It Harder to Collect and Share Geoinformation In US.

The Federal Trade Commission" (FTC) recently entered into a settlement (subject to final approval) that will have a significant impact on the entire geospatial community. The settlement, in connection with In re Goldenshores Technologies, LLC , involved the collection of "geolocation information" from a mobile device app.  Geolocation information is defined in the settlement documents as "precise geolocation data of an individual or mobile device, including but not limited to GPS-based, WiFi-based, or cell-based location information." [emphasis added]
Goldenshores Technologies, LLC  ("Goldenshores") developed “Brightest Flashlight Free,  a free, ad-supported app that enables the device to act as a flashlight. According to the FTC, the app transmits when running, or could transmit, the device’s “precise geolocation along with persistent device identifiers that can be used to track a user’s location over time” to third parties, including advertisers. The FTC alleged that the app collected (and shared) the device's location prior to obtaining the individual's permission and did not adequately disclose with whom the information was shared.  According to the FTC, such practices are prohibited under Section 5(a) of the FTC Act as "deceptive and unfair acts or practices in or affecting commerce".

The settlement states that  Goldenshores' apps must . . . " not collect, transmit, or allow the transmission of such [geolocation] information unless such application: 

A. Clearly and prominently, immediately prior to the initial collection of or
transmission of such information, and on a separate screen . . .  " states

1. That such application collects, transmits, or allows the transmission of,
geolocation information;

2. How geolocation information may be used;

3. Why such application is accessing geolocation information; and

4. The identity or specific categories of third parties that receive geolocation
information directly or indirectly from such application
; and

B. Obtains affirmative express consent from the consumer to the transmission of
such information". [emphasis added]

The settlement only applies to mobile apps, however  its impact will be felt throughout the geopatial community. 


First, the FTC's definition of geolocation information to be protected is broad and imprecise.  For example, it includes location information collected from GPS, WiFi or cell towers.  Those familiar with geospatial technology will recognize that these technologies collect location in a number of applications and with varying degrees of precision. Also, it applies to location information collected on an individual or a mobile device. Moreover, the definition states that it includes, but is not limited to location information collected from those technologies. This suggests that other location-enabling technologies may also be subject to privacy scrutiny, which is important because the FTC has very broad enforcement powers. As a result of this broad definition, it will become increasingly difficult for a broad range of geospatial technology companies to determine if they need to include a privacy statement when collecting location information.

Second, the settlement states that before an app can transfer geolocation information collected from a mobile device to a third party, it must obtain "affirmative express consent" from an individual after providing proper notice. Such notice must include "[t]he identity or specific categories of third parties that receive geolocation information directly or indirectly from such application." 

Anyone following the geospatial community over the past few years knows that new markets and opportunities for location data are continuously developing. Many of these new opportunities rely on location data from mobile devices. In this environment, it will be very challenging to provide consumers proper notice as which third parties will receive the location data or how it will be used. As a result of the In re Goldenshores Technologies, LLC settlement, companies will need to go back and get consumer authorization each time they wish to change with whom they will share location information.  Alternatively, they may decide that this is cost prohibitive and decide not to enter into that market. 

The settlement should also result in both geospatial data providers and data users updating their terms of use and/or license agreements. In light of the settlement, users of geospatial data may consider obtaining a representation from a data provider that the data has been collected in a manner that adequately protects a consumer’ privacy and that the consumer has agreed to have it distributed for this particular purpose. Data providers may seek a covenant from customers that their geospatial data will not be aggregated with third party data in ways that will infringe upon consumer privacy.




Thursday, December 12, 2013

Looking Back at Top Spatial Law and Policy Stories Since 2010

Since 2010, the Spatial Law and Policy Blog has identified the Top 10 Spatial Law and Policy stories over the course of the year. In preparing this year's version, I decided to go back and look at previous Top 10 blog posts. 

In my review, I was struck by how mainstream geospatial technology and location information has come in a relatively short time. For example, in 2010 the fall-out over Google Streetview was a top story.  In 2013, it is (or will be) UAVs. I was also struck as to how there has been little resolution to the legal and policy issues. For example in 2010, top issues included efforts to legislate geolocation privacy, a push for open data and law enforcement's collection of location information without proper oversight. Sound familiar?

Here are links to the previous Top 10 Spatial Law and Policy Stories from 2010, 2011 and 2012. Let me know your thoughts. 

Tuesday, December 10, 2013

ICYMI 5 Spatial Law and Policy Links From the Past Week

The Centre for Spatial Law and Policy prepares a weekly update for its members. Listed below are links to five stories from the past week that will impact the geospatial community.  More information about the Centre for Spatial Law and Policy can be found here.  


1. Flashlight app kept users in the dark about sharing location data: FTC (Washington Post)  "The Federal Trade Commission on Thursday issued what appears to be its first enforcement action related to location-based information, reaching a settlement with the maker of Brightest Flashlight Free for allegedly hiding the fact that it sold information about the location of its users and the unique string of numbers assigned to a device." 

2. Police fail at map reading  (National) I note that the article references both human error and GPS error as reasons police went to wrong house.

3.   Cellphone data spying: It's not just the NSA  (USA Today)  According to the report, "Law-enforcement records show police can use initial data from a tower dump to ask for another court order for more information, including addresses, billing records and logs of calls, texts and locations."

4. Tech Giants Issue Call for Limits on Government Surveillance of Users  (NYT)  This is an important issue that the geospatial community should closely follow around the world. Law enforcement and intelligence agencies will increasingly turn to geotech companies (and other government agencies) for location data on individuals.

5. Every step you take  (The Economist) A well respected international news magazine, states: "As cameras become ubiquitous and able to identify people, more safeguards on privacy will be needed."

Tuesday, December 3, 2013

ICYMI 5 Spatial Law and Policy Links From the Past Week

The Centre for Spatial Law and Policy prepares a weekly update for its members. Listed below are links to five stories from the past week that will impact the geospatial community.  More information about the Centre for Spatial Law and Policy can be found here.  

Koh Drops Ax on Privacy Claims Against Apple  (The Recorder) To quote from the article, this case - which concerned location information- was dismissed because the plaintiffs had not read the privacy policy that they alleged was deficient.

CC’s Next Generation Licenses — Welcome Version 4.0!  (Creative Commons) Creative Commons is taking a step to address issues associated with the licensing of data.

Cellphones Leave Gaps for Emergency Services  (WSJ) According to the article  . . . "Amid all the privacy concerns about cellphone tracking, one important group is arguing that location data isn't precise enough: emergency responders."

Markey: Privacy before drone deliveries  (The Hill) Amazon's announcement may result in lawmakers looking at this issue sooner than some expected. “Before drones start delivering packages, we need the FAA to deliver privacy protections for the American public," he said in a statement.

The law is an ass when it comes to cloud  (CloudPro) The author makes a powerful point about how the legal profession is falling behind with regards to understanding technology.