- EPIC Backs Comments on Location Privacy: EPIC has joined a coalition of consumer privacy groups in comments to the Federal Communications Commission on the "Roadmap for Improving E911 Location Accuracy." EPIC and the groups explained that collecting location information without privacy protections puts customers at risk. EPIC filed similar comments with the FCC in 2007. EPIC urged the Commission to recognize that "(1) the FCC has an obligation to protect the privacy of consumer information generated by the provision of communication services; (2) current regulations do not adequately location-based information, (3) legal frameworks, notably in the European Union, provide safeguards for location data, and (4) the Commission should establish rules that limit the use of customer location-based information." EPIC has frequently advocated for express authorization prior to disclosure of "call location information." The "Roadmap" raises concerns that the location of telephone users will be routinely known to federal agencies, whether or not there is an emergency. EPIC has also filed amicus curiae briefs in the U.S. Supreme Court and the Supreme Court of New Jersey arguing that location tracking by the government is a search under the Fourth Amendment and should only be conducted with a judicial warrant. For more information, see EPIC: Locational Privacy. (Dec. 16, 2014)
- Senator Markey Asks Justice Department About Cell Phone Tracking Program: Senator Edward J. Markey (D-MA) has sent detailed questions to Attorney General Holder about recent reports that law enforcement agencies have deployed aircraft equipped with cell tower simulators to capture mobile phone communication. The devices, known as "IMSI catchers" or "Stingray," identify and track cell phone users. Senator Markey wrote "the sweeping nature of this program and likely collection of sensitive records...raise important questions about how the Department protects the privacy of Americans" with no connection to unlawful activities. EPIC successfully sued the FBI to obtain documents about the agency's use of Stingray devices. EPIC has also filed amicus curiae briefs in the U.S. Supreme Court and the Supreme Court of New Jersey arguing that location tracking is a search under the Fourth Amendment and should only be conducted with a judicial warrant. For more information, see EPIC: Locational Privacy and EPIC v. FBI (Stingray). (Nov. 17, 2014)
- Apple Announces New Privacy Enhancing Techniques: The most recent product announcement from Apple, includes several privacy enhancing techniques that EPIC has favored, including randomized MAC addresses, end-to-end encryption, robust screen lock, and implementation of secure electronic payment systems. Still, EPIC has raised questions about Health Kit, which enables the collection and transfer of sensitive medical information, and the enforcement of developer guidelines. For more information, see, EPIC: Practical Privacy Tools and EPIC: Location Privacy. (Sep. 23, 2014)
- Apple Announces New Privacy-Enhancing Techniques in iOS 8: Apple has announced new privacy-enhancing techniques that will limit the ability of third parties to track Apple mobile devicesi. Specifically, iOS8 will use "random, locally administered MAC addresses," instead of unique device IDs, to connect to the Internet. Mobile phones can now be tracked by law enforcement and private companies because of the unique MAC address associated with the device. In 2004 when the adoption of IPv6 raised privacy concerns, EPIC recommended that MAC addresses be randomized to avoid tracking. The change in the Apple iOS implements this proposal. For more information, see EPIC: Practical Privacy Tools and EPIC: Location Privacy. (Jun. 10, 2014)
- Massachusetts Court Upholds Privacy Protection for Location Records: In Commonwealth v. Augustine, the Massachusetts Supreme Judicial Court ruled that an individual has a reasonable expectation of privacy in cell phone location records held by a company. Article 14 of the Massachusetts Constitution, similar to the Fourth Amendment, provides that individuals should be free from "unreasonable searches, and seizures." The court held that obtaining two weeks of phone location records was a search, requiring a warrant. EPIC filed "friend of the court" briefs in Commonwealth v. Connolly, a similar case in Massachusetts concerning warrantless GPS tracking, and State v. Earls, a case in which the New Jersey Supreme Court held that location data is protected under the state constitution. EPIC also filed a brief in In re U.S. Application for Historical Cell Site Data, where an appeals court held that users have no reasonable expectation of privacy in location records under the Fourth Amendment. The Massachusetts Supreme Court considered all three cases. For more information, see EPIC: Location Privacy. (Feb. 20, 2014)
- New Jersey Court Issues Landmark Location Privacy Decision: Today the Supreme Court of New Jersey held that individuals have a reasonable expectation of privacy in their cell phone location data under the NJ state constitution. In State v. Earls, the New Jersey high court found that "cell-phone location information, which users must provide to receive service, can reveal a great deal of personal information about an individual." This decision is the first to establish a Constitutional right in location data since the U.S. Supreme Court decided United States v. Jones, a GPS tracking case in which several Justices expressed concern about the collection of location data. EPIC participated as amicus curiae in Earls. The New Jersey Supreme Court noted that "EPIC offered helpful details about the current state of cell-phone technology." For more information, see EPIC: State v. Earls and EPIC: Locational Privacy. (Jul. 18, 2013)
- EPIC Recommends Privacy Protections for Natural Disaster Survivors: In comments to the National Institutes of Health, an agency component of Health and Human Services, EPIC urged the agency to safeguard personally identifiable information following natural disasters. The agency proposes to use the PEOPLE LOCATOR system and related mobile app ReUnite™ to reunite "family and friends who are separated during a disaster." The PEOPLE LOCATOR system allows third parties to enter highly sensitive information about each missing or located individual, which in turn is accessed by the public. The system stores disaster survivor information including name, location, date of birth, race, religion, health status, address, and photographs. EPIC recommended that the agency: (1) limit its data collection to relevant information, (2) protect the security of the system by implementing data access control and establishing data quality standards; (3) define a record retention and disposal schedule; and (4) establish guidelines, which adhere to the Fair Information Practices, for disclosures to third parties like Google. For more information, see EPIC: Locational Privacy. (Jun. 20, 2013)
- Texas Bill to Require Warrants for E-mail Searches Awaits Governor's Signature: The Texas legislature has passed H.B. No. 2268, a bill that creates a warrant requirement for law enforcement access to stored electronic communications and customer data. The law, which was presented to Governor Rick Perry this week, is the first successful state effort to establish an across-the-board warrant requirement for stored communications. Congress is considering similar changes to the federal Electronic Communications Privacy Act. Others have proposed more sweeping privacy reforms, and there are bills in both the House and Senate that would establish location privacy protections. EPIC testified before the Texas Legislature on H.B. 1608, a location privacy companion to H.B. 2268. For more information, see EPIC: Electronic Communications Privacy Act and EPIC: Locational Privacy. (May. 29, 2013)
- Virginia Court of Appeals Authorizes Warrantless GPS Tracking: In Foltz v. Virginia, the Virginia Court of Appeals held that law enforcement may place a GPS tracking device on a vehicle without violating the Fourth Amendment. The Court found that the defendant did not have an expectation of privacy, and therefore attaching the tracking device to the bumper did not require a warrant. The court distinguished its ruling from Commonwealth v. Connolly, a recent Massachusetts case, which held that police must obtain a warrant before using GPS devices to monitor vehicles. The Virginia court explained that Connolly was unpersuasive because the Virginia Constitution is co-extensive with the federal Fourth Amendment while the Massachusetts Constitution is more expansive. EPIC filed an amicus brief in Connolly, urging the court to adopt a warrant requirement. For more information, see EPIC: Commonwealth v Connolly.
- Federal Appeals Court Requires Warrant for GPS Tracking: The D.C. Circuit Court ruled that police must obtain a warrant before using GPS devices to monitor vehicles. GPS tracking constitutes a seizure under the U.S. Constitution because "prolonged GPS monitoring reveals an intimate picture of the subject‘s life that he expects no one to have," the Court held. In a related case, the Massachusetts Supreme Court recently held that a warrant is required for the use of a GPS tracking device. EPIC filed an amicus brief in that case. For more information, see EPIC Commonwealth v. Connolly.
- Facebook Uses RFID to Track Users' Locations for Advertising Promotion: At the Coca-Cola Village Amusement Park in Israel, visitors were recently issued bracelets with RFID chips that linked to their Facebook accounts, according to Adland. RFID readers scattered throughout the park updated the users' Facebook pages when the bracelets were scanned. On-site photographers also posted photos that were automatically tagged with the users' identities. Facebook had previously tested the use of RFID for location tracking at the f8 Developer Conference in April. Facebook has also just launched Places, which is designed to make users' location information widely available. For more information, see EPIC Facebook Privacy, EPIC Facebook Places.
- Facebook "Places" Embeds Privacy Risks, Complicated and Ephemeral Opt-Out Unfair to Users: The recently announced Facebook service Places makes user location data routinely available to others, including Facebook business partners, regardless of whether users wish to disclose their location. There is no single opt-out to avoid location tracking; users must change several different privacy settings to restore their privacy status quo. For users who do not want location information revealed to others, EPIC recommends that Facebook users: (1) disable "Friends can check me in to Places," (2) customize "Places I Check In," (3) disable "People Here Now," and (4) uncheck "Places I've Visited." EPIC, joined by many consumer and privacy organizations, has two complaints pending at the Federal Trade Commission concerning Facebook's unfair and deceptive trade practices, which are frequently associated with new product announcements. For more information, see EPIC In Re Facebook, EPIC In Re Facebook II, and EPIC Facebook Privacy.
Over the last 10 years, law enforcement has stepped up its use of location tracking technologies, such as GPS (Global Positioning System) trackers and cell phones, to monitor the movements of individuals who may or may not be suspected of a crime. GPS is a geolocation network that consists of satellites and receivers that can calculate the precise location of a GPS device 24-hours a day (subject to environmental constraints). As of March 19, 2013, there are 31 satellites in the GPS constellation. The satellites and ground stations in the GPS network are maintained by the U.S. Air Force Global Positioning Systems Wing. GPS satellites are designed to transmit three-dimensional location data (longitude, latitude and altitude) as well as precise velocity and timing information to an unlimited number of users simultaneously. A GPS receiver is all that one needs to access the service. GPS satellites can not receive any data, they can only broadcast location and timing information.
A GPS-enabled receiver is the device that is commonly available through commercial retailers, and used by the general public to assist in navigation. The civilian GPS receivers deliver precise velocity and timing information, and very accurate location information. This device by itself does not transmit the data received from the satellite network to remote locations, nor is it typically capable of storing data regarding its long-term historical movements. However, most cell phones are now GPS-enabled and can transmit location data to the service provider or other third parties (such as Apps - see e.g. Foursquare). Cell phones can also be used to track users even if they are not GPS-enabled. See Cell Phone Tracking Methods.
The Fourth Amendment provides that the "right of the people to be secure in their persons, houses, papers and effects, against unreasonable searches and seizures, shall not be violated." A seizure of property occurs when there is “some meaningful interference with an in- dividual’s possessory interests in that property,” United States v. Jacobsen, 466 U. S. 109, 113 (1984). In determining whether a "search" has occurred, courts have traditionally applied a two-part test established in Katz v. United States, 389 U.S. 347 (1967): where an individual has (1) a subjective expectation of privacy in the searched object that (2) society is willing to recognize as reasonable. See Kyllo v. United States, 533 U.S. 27, 33 (2001). However, in United States v. Jones, 132 S. Ct. 945 (2012), the Supreme Court held that Katz is not the exclusive test under the Fourth Amendment and that the Government's "installation of a GPS device on a target's vehicle, and its use of that device to monitor the vehicle's movements, constitutes a 'search.'" Id. at 949. Under this new "trespass test," a search occurs whenever the government occupies private property for the purpose of obtaining information. Id.
A warrant is typically required for law enforcement to search or seize an item, although courts recognize certain exigent circumstances excusing the warrant requirement in limited cases. Judges may issue warrants based on probable cause under state and federal laws such as Rule 41 of the Federal Rules of Criminal Procedure.
After the Supreme Court's decision in United States v. Jones, courts must reassess the application of the Fourth Amendment to various location-tracking methods. The two main cases laying the groundwork for the contemporary Constitutional issue of using location-based tracking devices to conduct surveillance are United States v. Knotts, 460 U.S. 276 (1980) and United States v. Karo, 468 U.S. 705 (1984). These cases examine whether the diminished expectation of privacy in an automobile is expanded when the police use technology to track a suspect and whether the technology is a mere augmentation of the officer's own sense of observation or a more intrusive form of surveillance.
In Knotts, the Court determined that the use by the police of a beeper to track a person did not constitute a search. The police attached a beeper to a container that the suspect then placed in his car. The police used the signal from the beeper to track the container to the suspect's cabin. Once there, the police set up visual surveillance of the cabin. The Court held that the beeper allowed the police merely to track a suspect on public highways and streets. Consequently, the Court explained, there is a diminished expectation of privacy in an automobile. "The fact that the officers in this case relied not only on visual surveillance, but also on the use of the beeper to signal the presence of [Darryl] Petschen's automobile to the police receiver does not alter the situation. Nothing in the Fourth Amendment prohibited the police from augmenting the sensory faculties with such enhancement as science and technology afforded them in this case."
A year after Knotts, the Court heard United States v. Karo. Karo shifts the discussion to whether the police may use beepers to monitor suspects in private residences without a warrant. In this case, the DEA installed and monitored a beeper into a can of ether in the possession of the suspects. The DEA relied on the signal from the beeper (as the can was moved from two private residences and a storage facility) to track the suspects. The Court held that this was an impermissible search. "Indiscriminate [electronic] monitoring of property that has been withdrawn from public view would present far too serious a threat to privacy interests in the home to escape entirely some sort of Fourth Amendment oversight."
Individuals are using location-based services that provide incentives for sharing where a person is at any given point in time. These location-based services are generally run on software applications found on GPS-enabled devices such as smartphones. The application requests the latitude and longitude of the user's phone or other GPS enabled device or from cell tower and WiFi information.
The Pew Internet and American Life Project found that 35% of U.S. adults use phones able to run apps. Location-based apps are focused on social-networking, consumer, and gaming activities. The Pew project also estimates that at least 1% of Internet users and 6% of all male Internet users are regularly taking advantage of location-based apps.
Foursquare, with approximately 3 million users, is a service that "lets users ‘check in' to a place when they're there, tell friends where they are and track the history of where they've been and who they've been there with." Businesses are taking advantage of the service by offering discounts and coupons to individuals who "check in" to their location. Foursquare also has an API that allows developers to build on its platform.
An application programming interface (API) enables software programs to interface or interact with other software. Social networking sites, like Facebook and Twitter, provide a platform for APIs and are increasingly opening up their APIs to developers. Facebook Places now allows developers to store their own check-in data in Facebook Places database and to search that database. Developers can access the database for free and are no longer limited by having to build their own database. Facebook has more than 200 mobile users, making its Places database larger than that of any other service currently available.
Search engines are opening up their API to developers. Google is turning its attention to the location-based services with its Places service by focusing on check-in applications because these applications are ones that "the API currently caters to well."
A study by AT&T research found that 19 out of 20 social networking sites shared information with third parties in a way that would allow third parties to associate online activities with actual identities. The researchers tracked privacy leakage (including presence and location data as well as the unique device identifiers on mobile devices) to determine whether existing privacy protection measures are still adequate. The report states that even if a company provides a range of privacy settings, "the multi-dimensional nature of the issue makes the problem of protecting information significantly harder." The researchers found leakage of personally identifiable information (PII) from all twenty social networking sites. They conclude that "[t]he combination of location information, unique identifiers of devices, and traditional leakage of other PII all conspire against protection of a user's privacy."
Cell phones, smartphones, and other mobile devices (e.g. laptops and tablets) can be located whenever they are turned on. Current location-tracking technologies can be used to pinpoint users of mobile devices in several ways. First, service providers have access to network-based and handset-based technologies that can locate a phone for emergency purposes. Second, historical location can frequently be discerned from service provider records. Finally, third party devices such as Wi-Fi hotspots or IMSI catchers can be used to track nearby mobile devices in real time. The accuracy of these methods depends on a variety of technological and environmental factors, but the location data will only get more precise as the technology evolves.
- Network-based Location Technologies
- Handset-based Location Technologies
- Third-party Methods
Network-based location tracking technologies rely on existing equipment to determine the location of a target device. See Ali H. Sayed, Alireza Tarighat & Nima Khajehnouri, Network-Based Wireless Location, IEEE Signal Processing Magazine 24, 26 (Jul. 2005). Cell phone networks consist of a series of antennas (or “cell sites”), which can be densely concentrated in urban areas with many users. See CTIA: The Wireless Association, Wireless in America: How Wireless Works (Jan. 2011). Mobile devices communicate with nearby cell sites during a process called “registration,” which occurs automatically even when the device is idle. A Guide to the Wireless Engineering Body of Knowledge 77 (Andrzej Jajszcyk ed., 2nd ed. 2011). During the registration process, mobile devices also communicate with nearby cell sites in order to identify the strongest signal. Michele Sequeira & Michael Westphal, Cell Phone Science: What Happens When You Call and Why 104 (2010). A similar process occurs when a user moves from one cell to another while making a call. See Nishith D. Tripathi, Jeffrey H. Reed & Hugh F. VanLandingham, Handoff in Cellular Systems, IEEE Pers. Comm., Dec. 1998, at 26. The service provider can also initiate the registration process. See CDMA Glossary, supra note 3 (describing “Non-Autonomous Registration” as “[a] registration method in which the base station initiates registration.”). Once registration occurs, the information is stored temporarily in service provider databases in order to route calls. Tripathi, supra, at 26. A log is also typically created every time a call is made or data downloaded. See Stephanie K. Pell & Christopher Soghoian, Can You See Me Now? Toward Reasonable Standards for Law Enforcement Access to Location Data that Congress Could Enact, 26 Berkeley Tech. L.J. 117, 128 (2012) (these logs reveal “which particular cell site a phone was near at the time of the call.”).
These cell site records are the most basic component of network-based location data. See Junhui Zhao & Xueue Zhang, Location-Based Services Handbook: Wireless Location Technology in Location-Based Services § 2.2.1 (Syed A. Ahson & Mohammad Ilyas eds., 2011). The size of a “cell,” the area served by a cell site, can range from several miles to several meters. See Dimitris Mavrakis, Do We Really Need Femto Cells?, Vision Mobile (Dec. 1, 2007). As a result, a cell site location record can reveal the location of a mobile device in a specific area (like a room in a house) or within a large area (like a neighborhood). The smaller the cell site, the more precise the cell site location data. In order to increase network capacity, as is necessary in dense urban areas, providers typically shrink the size of their cells. Id. In 2000, there were 97 million wireless subscriber connections and as of 2010 there were nearly 293 million. CTIA: The Wireless Ass'n, Wireless in America: Wireless Subscriber Statistics (May 2011). Over that same time period, the number of cell towers has increased from 95,733 to 251,618. Id. In response to increased network demand, small cells are becoming increasingly common. See Press Release, Small Cells Outnumber Traditional Mobile Base Stations, Small Cell Forum (Oct. 31, 2012).
Cell site data can also be collected for a specific cell site and time without an individual target. See, e.g., In re U.S. ex rel. Order Pursuant to 18 U.S.C. Section 2703(d), Nos. 12-670, 671, 672, 673, 674, 2012 WL 4717778 (S.D. Tex. Sept. 26, 2012) (rejecting a government request for bulk tower data). This information is referred to as a “tower dump.” Id. at *1. Government investigators have argued that they should be allowed to collect such data and analyze it in order to locate possible targets present at a particular location and time (like a crime scene). Id. The problem, as one court noted, is that it requires collection of “data related to innocent people who are not the target of the criminal investigation.” Id. at 4. At least one such application has been rejected because the Government had no protocol in place to handle this sensitive private data. See Id.
Network-based location information can also be collected using more advanced and precise methods. Service providers can identify the location of a wireless device by using triangulation (or “lateration”) methods based on simultaneous signals from several base stations. See Ali H. Sayed, Network-Based Wireless Location at 26-29. See also Küpper at 131-136. Even more advanced methods consider the exact angle and time of arrival of each signal. See Küpper at 138-140, 144-148. The current advanced triangulation methods are capable of locating a mobile device within 50-120 meters, even in rural areas, and provide comparable accuracy to A-GPS in urban environments. See id. at 231 (table describing the accuracy of various cellular positioning methods).
The handset-based method involves locating a mobile device based on information provided by the device itself (such as GPS data). See Frank Van Diggelen, A-GPS: Assisted GPS, GNSS, and SBAS 292 (2009). Most current phones contain GPS technology. See Berg Insight, GPS and Mobile Handsets 2 (March 2010).The Global Positioning System (“GPS”) is a “constellation of orbiting satellites that provides navigation data to military and civilian users all over the world.” U.S. Air Force, Global Positioning System Factsheet (Sept. 15, 2010). GPS receivers, like those in mobile devices, can use the satellite signals to calculate “extremely accurate, three-dimensional location information (latitude, longitude and altitude), velocity (speed and direction) and precise time.” Id. However, buildings and other environmental factors in urban areas can reduce the accuracy of GPS location data. See Adam Gorski, Understanding GPS Performance in Urban Environments, AGI (Jan. 4, 2011).
Assisted GPS (“A-GPS”) positioning now provides improved accuracy, lower power consumption, and reduced location acquisition time for compatible devices. Küpper at 225. The A-GPS process works by estimating a position using standard GPS triangulation, and then adjusting for corrections provided by a remote reference station connected to the network. Id. at 227. This allows for extremely accurate location information, to within 10 meters in outdoor rural areas. Id. at 231.
Mobile devices can also determine location based on surrounding Wi-Fi networks. See Axel Küpper, Location-Based Services: Fundamentals and Operation 234 (2005). There are several companies that maintain databases listing the approximate location of wireless networks. Pell & Soghoian, supra, at 131. These companies are known as "location aggregators." Ann Cavoukian & Kim Cameron, Wi-Fi Positioning Systems: Beware of Unintended Consequences 6 (June 2011). See, e.g., Open WLAN Map. Internet service providers, such as Google, also use Wi-Fi data to determine a user's location. See Google, Statement to Several National Data Protection Authorities (Apr. 27, 2010). These Wi-Fi Positioning Systems cross reference the user's nearby Wi-Fi networks with the database in order to determine the user's approximate location. Id. See generally Cavoukian & Cameron, supra, at 6 (describing Wi-Fi Positioning methods). It is not clear whether service providers have access to Wi-Fi position data generated by mobile devices.
In addition to the location tracking methods described above, which require law enforcement to collect data indirectly through the service provider, there are surveillance technologies that facilitate real-time tracking of a mobile signal directly.
One such tool is known as an “IMSI Catcher,” “StingRay,” or “Triggerfish,” and is used to identify and measure the strength and location of a mobile signal. See Jennifer Valentino-Devries, Stingray Phone Tracker Fuels Constitutional Clash, Wall St. J., Sept. 22, 2011. IMSI catchers mimic a wireless carrier's network tower and can send and receive all the same signals going to the cellular tower. See EPIC, EPIC v. FBI - Stingray / Cell Site Simulator (2012). IMSI catchers can determine a specific cell phones location by measuring the signal strength of the cell phone from several locations and utilizing triangulation to pinpoint the cell phones location. Id. These tools can also be used to identify a device based on its location, rather than the opposite. See In re Application of the U.S. for an Order Authorizing the Use of a Pen Register and Trap and Trace Device, ___ F. Supp. 2d ____, 2012 WL 2120492 (S.D. Tex. 2012)(“by determining the identifying registration data at various locations in which the Subject's Telephone is reasonably believed to be operating, the telephone number corresponding to the Subject's Telephone can be identified.”). At least one court has rejected an application to use such technology because the Government failed to address how they would deal with “information concerning seemingly innocent cell phone users,” which would be recorded by the equipment. Id.
- United States v. Jones, 132 S.Ct. 945 (2012)
- United States v. Skinner, 690 F.3d 772 (2012)
- In re U.S., No. 11-20884 (5th Cir. filed Dec. 14, 2011)
- In the re U.S., 620 F.3d 304 (3rd Cir. 2010)
- United States v. Maynard, 615 F.3d 544 (D.C. Cir. 2010)
- United States v. Antoine Jones, Appellee's Petition for Rehearing En Banc
- United States v. Antoine Jones, Denial of Petition for Rehearing En Banc
- United States v. Pineda-Moreno, No. 08-30385 (9th Cir. 2010)
- United States v. Garcia, 474 F.3d 994 (7th Cir. 2007)
- In re U.S., ___ F.Supp.2d ____, 2012 WL 2120492 (S.D.Tx. 2012)
- In re US, 747 F.Supp.2d 827 (S.D. Tx. 2010)
- State v. Earls, 209 N.J. 97 (2011)
- State v. Wyatt, 30 Mass. L. Rptr. 270 (Mass. Sup. Ct. 2012)
- State v. Zahn, 812 N.W.2d 490 (S.D. 2012)
- People v. Hall, 86 A.D.3d 450 (N.Y. App. Div. 1st 2011)
- Foltz v Commonwealth, 57 Va. App. 68 (Ct. App. 2010)
- Commonwealth v. Connolly, 913 N.E.2d 356 (Mass. 2009)
- People v. Weaver, 909 N.E.2d 1995 (N.Y. 2009)
- Wisconsin v. Sveum, 328 Wis.2d 369 (2009)
- State v. Jackson, 150 Wash. 2d 251 (2003)
Existing Federal Law
- Electronic Communications Privacy Act of 1986
- Title II - Stored Communications Act, 18 U.S.C. §§ 2701 to 2712
- Title III - Pen Register Act, 18 U.S.C. §§ 3121 to 3127
- Communications Act of 1934
- Communications Assistance for Law Enforcement Act, 47 U.S.C. § 1002(a)
- Wireless Communications and Public Safety Act of 1999, 47 U.S.C. § 222(d) and (f)
- Online Communications and Geolocation Privacy Act, 113 H.R. 983 (2013)
- Geolocation Privacy and Surveillance Act, 112 S. 1212, 112 H.R. 2168 (2011)
- Location Privacy Protection Act of 2011, 112 S. 1223 (2011)
- CDG, Welcome to the World of CDMA: Glossary
- Where is the energy spent inside my app?, Researchers: Abhinav Pathak (Purdue University), Y. Charlie Hu (Purdue University), and Ming Zhang (Microsoft Research)
- ACLU-Northern California, Location Based Services: Time for a Privacy Check-In, November 2010.
- Kathryn Zickhur, Aaron Smith, 4% of online Americans use location based services, Pew Internet and American Life Project, November 4, 2010
- Ann Cavoukian, Ph.D., Information & Privacy Commissioner, Ontario, Canada, Redesigning IP Geolocation: Privacy by Design and Online Targeted Advertising, www.privacybydesign.ca, October 2010.
- Real Time Privacy Monitoring on Smartphones, Joint Study: Intel Labs, Penn State University, Duke University.
- Gerald Friedland, Robin Sommer, Cybercasing the Joint: On the Privacy Implications of Geo-Tagging, International Computer Science Institute, August 2010.
- Bruce Sewell, Apple, Letter to Reps. Edward J. Markey and Joe Barton, July 12, 2010.
- Reps. Edward Markey and Joe Barton, Letter to Steve Jobs, Chief Executive Officer, Apple, June 24, 2010.
- Jay Stanley, The Crisis in Fourth Amendment Jurisprudence, acslaw.org, May 2010.
- Joint Hearing Subcommittee on Commerce, Trade and Consumer Protection and Subcommittee on Communications, Technology, and the Internet, "The Collection and Use of Location Information for Commercial Purposes," February 24, 2010.
- Nick Doty, Deirdre K. Mulligan and Erik Wilde, Privacy Issues of the W3C Geolocation API, UC Berkeley School of Information Report 2010-038, February 2010.
- Nick Doty, How do websites know where I am?
- Matt Duckham & Lars Kulik, University of Melbourne, Australia, Location privacy and location-aware computing.
- Google, Privacy: Location privacy.
- The Internet Engineering Task Force (IETF), Geographic Location/Privacy (geopriv) working group.
- Andrew J. Blumberg and Peter Eckersley, "On Locational Privacy, and How to Avoid Losing it Forever," Electronic Frontier Foundation, August 2009.
- Al Gidari, Jr., Perkins Coie, "They Know Where You Are: Location Privacy in a Mobile World," March 10, 2009.
- House of Representatives, Subcommittee on Communications, Technology, and the Internet, Transcript of Hearing on "Communications Networks and Consumer Privacy: Recent Developments," April 23, 2009.
- Privacy International, Location Privacy, December 18, 2007.
- Stephen R. Harwood, Senior Counsel, Electronic Surveillance Issues, Department of Justice, justice.gov, November 2005.
- Ford-Long Wong and Frank Stajano, Location Privacy in Bluetooth, Lecture Notes in Computer Science, 2005 3813/2005, 176-188.
- Mel Tsai, "The Privacy Implications of Cellular Locationing," December 4, 2002.
- People, Not Places A Policy Framework for Analyzing Location Privacy Issues
- Cyrus Farivar, Cops Can Track Your Cell Phone to a Specific Room, ArsTechnica (June 4, 2014)
- R "Ray" Wang, Why I'm Unplugging from Location Based Services Until the Privacy Issue is Resolved, Enterprise Irregulars, January 17, 2011.
- Del. Court: Police need warrant for GPS tracking, wboc.com, December 16, 2010.
- Leonard Deutchman, Ruling on Cell Phone Tower Data Raises Privacy Issues, law.com, December 14, 2010.
- Michael Virtanen, NY agency sued over GPS tracker on worker's car, news.yahoo.com, December 6, 2010.
- Meredith J. Cooper, Probable Cause? Search-warrant affidavits give insight into sting operation on local collectives—and in many cases the evidence appears flimsy, newsreview.com, December 2, 2010.
- Dennis O'Reilly, Privacy concerns dog location-based services, cnet.com, November 13, 2010.
- Kashmir Hill, The Place-Race: Where We Are on Location-Sharing Services Adoption, Forbes.com, November 4, 2010.
- Oliver Chiang, How Facebook Will Own All Your Location Data, Forbes.com, November 3, 2010.
- Kim Zetter, FBI allegedly caught using GPS to spy on student, cnn.com, October 7, 2010.
- An Illegal Search, by GPS, nytimes.com, October 5, 2010.
- RichardC, "Location privacy: whose WiFi signal is it anyway?," October 25, 2010.
- Ashley Yeager, Researchers Find Phone Apps Sending Data without Notification, dukenews.duke.edu, September 29, 2010.
- Wade Roush, "Truste, Citing Location Privacy Worries, Expands Certification Program to the Mobile World," Xconomy, September 27, 2010.
- Pay for the Subway with Your iPhone, nbcnewyork.com, September 24, 2010.
- Susan Freiwald, "Freiwald on Much-Anticipated Cell Location Privacy Decision," Concurring Opinions, September 13, 2010.
- Police GPS Tracking (video), Washington Journal, cspan.org, August 27, 2010.
- Orin Kerr, "Fourth Amendment Stunner: Judge Rules That Cell-Site Data Protected by Fourth Amendment Warrant Requirement," The Volokh Conspiracy, August 31, 2010.
- Charlie Savage, "Judges Divided Over Rising GPS Surveillance," New York Times, August 13, 2010.
- Orin Kerr, D.C. Circuit Introduces "Mosaic Theory" of Fourth Amendment, Holds GPS Monitoring a Fourth Amendment Search, theconstitutional.org, August 8, 2010.
- Spara, "Why location privacy matters," ‘sproke, July 26, 2010.
- Ryan Singel, White Hat Uses Foursquare Privacy Hole to Capture 875K Check-ins, wired.com, June 29, 2010.
- Bill Snyder, CIO, "You Are Here: Scary New Location Privacy Risks," Network World, June 28, 2010.
- Nick Saint, Watch Out: Check-In Apps Share Your Location With More People Than You Think, Forbes.com, June 30, 2010.
- Chloe Albanesius, Apple Location, Privacy Issue Prompts House Inquiry, pcmag.com, June 24, 2010.
- Julia Boorstin, "Twitter's Biz Stone on Bing, Location, Privacy & World Cup Explosion," cnbc.com, June 23, 2010.
- David Sarno, Apple collecting, sharing iPhone users' precise locations [Updated], latimes.com, June 21, 2010.
- Riva Richmond, "Apple's Plans for iPhone Location Privacy," New York Times, April 8, 2010.
- Orin Kerr, Does the Fourth Amendment Prohibit Warrantless GPS Surveillance?, volokh.com, December 13, 2009.
- Kip F. Wainscott, Unwarranted Intrusion: GPS and the Fourth Amendment, acslaw.org, May 19, 2009.
- Yvonne Zipp, Courts divided on Police use of GPS Tracking, The Christian Science Monitor, May 15, 2009.
- Humphrey Cheung, LAPD's dart firing, license plate reading, Video-Streaming Car, tgdaily.com, August 21, 2007.
EPIC relies on support from individual donors to pursue our work.
Subscribe to the EPIC Alert
The EPIC Alert is a by-monthly newsletter highlighting emerging privacy issues.