Federal prosecutors are taking a look at what smartphone application makers do with the data they collect from their users.
Their investigation came to light Monday in a regulatory filing by Internet radio company Pandora. Oakland-based Pandora said it had received a subpoena from a federal grand jury early this year.
The company said in the filing it believed the grand jury “was convened to investigate the information-sharing processes of certain popular applications that run on the Apple and Android mobile platforms.” Pandora was informed that it was not the “specific target” of the inquiry.
“We believe that similar subpoenas were issued on an industry-wide basis to the publishers of numerous other smartphone applications,” the company said.
The Wall Street Journal reported Monday that the investigation is being led by federal prosecutors in New Jersey. A representative for the U.S. attorney’s office there declined to comment. A Pandora representative also declined to comment.
The investigation comes amid growing concern about information collection by online and mobile marketers. Consumer advocates and government regulators have been raising alarms about the amount of information marketers collect, as well as the shortage of standards for what they can do with that data and the lack of awareness by consumers.
Federal prosecutors and grand juries investigate possible criminal offenses. But criminal charges are unusual in privacy cases, legal experts said.
Citing a “person familiar with the matter,” the Journal reported that prosecutors are examining whether mobile marketers violated a computer fraud law by collecting or transmitting user information without properly disclosing what they were doing.
Privacy statutes in this country are fairly lax; there are generally few restrictions on the information that marketers can collect and what they can do with it, as long as they disclose their privacy policies to consumers, experts say. In the past, violations of disclosures were frequently handled by the Federal Trade Commission, which has the power to levy civil sanctions such as fines.
It’s unclear why federal officials are investigating criminal violations. The federal statute they are apparently relying on was originally written to bar hackers from breaking into others’ computers and taking information from them, legal experts say.
“It’s a little bit odd” that federal officials are looking into a criminal case, said Eric Goldman, an associate professor of law and director of the High Tech Law Institute at Santa Clara University. “Normally, there have to be very egregious circumstances (to merit a criminal case). Most legitimate businesses don’t come anywhere close to that level of egregiousness.”
Apple and Google also have been asked to provide information about applications listed in their marketplaces, according to the Journal. A representative for Apple declined to comment. Google representatives did not respond to a request for comment.
The investigation comes as federal officials are considering implementing new rules to govern online and mobile marketing. Among other things, the rules would require marketers to provide simplified descriptions of their data-collecting practices and to allow their users to opt out of having their activities tracked online.
Consumer advocates have been pressing officials to come up with better privacy protections. One of their chief concerns has been that consumers are largely unaware of how much of their personal information and activities is being collected or monitored as they use the Web or their smartphones.
Advocates are particularly concerned with the information that can be collected via smartphones. Not only can the devices monitor users’ online activities, but they often have stored on them sensitive information such as personal contacts and appointments. They also can be used to track their users’ location and movements.
Compared with using the Web on a PC, “there’s more information about you at stake” with smartphones, said Justin Brookman, director of consumer privacy at the
Center for Democracy and Technology. At the same time, users have a lot less control over that information, he added.
“There’s no opt out for a lot of mobile advertising,” Brookman noted.
By knowing users’ activities and movements, insurance companies, for example, could charge some customers higher prices than others — or decline to offer coverage at all.
“I don’t think the average consumer has any idea that what most people consider smartphones are nothing more than spy phones,” said John Simpson, director of the privacy project at Consumer Watchdog.
Contact Troy Wolverton at 408-920-5021. Follow him at Twitter.com/troywolv.
Mon, Apr 4, 2011 at 12:23 pm