Privacy & Information Security Law Blog

On September 12, 2012, Congressman Edward Markey (D-MA) released a bill that would require companies to tell customers about monitoring software installed on their mobile devices and obtain customers’ express consent before engaging in monitoring. These requirements would apply to mobile phone makers, network providers and application developers.

Markey unveiled the Mobile Device Privacy Act during a congressional hearing on the role of mobile and online applications (“apps”) in creating job opportunities. The bill would require the following specific disclosures to consumers regarding monitoring software on mobile devices or apps:

• that monitoring software is installed on the mobile device or that the software downloaded has a monitoring function;
• the types of information collected and transmitted by the monitoring software;
• to whom the information will be transmitted;
• how the information will be used; and
• how the consumer who has consented to the monitoring software may prohibit further collection and transmission of information.

In addition, companies that collect information from mobile devices or apps must implement information security policies and procedures to secure the data they collect. The bill gives enforcement authority to the Federal Trade Commission, the Federal Communications Commission and state attorneys general, and includes a private right of action for consumers injured by violations of regulations promulgated under the law.