Tech Regulation « ACTonline

Archive for the ‘Tech Regulation’ Category

ACT Meets with Silicon Valley Kids Apps Developers

Monday, January 23rd, 2012

Today I will be meeting with mobile app developers as the featured guest at today’s Silicon Valley Apps for Kids meet up. Bill Martin, of SmarTots, will lead a discussion with me about the critical questions of COPPA and Analytics for Kid’s Apps. COPPA is the Children’s Online Privacy Protection Act, a law which the FTC is seeking to update in a way that may pose challenges to app makers.

ACT has been meeting with developers around the country to highlight effective ways to protect mobile privacy. Working with groups like Moms with Apps and PrivacyChoice.org, ACT is working to help developers understand how to update their privacy policies and mobile strategies. These efforts have helped app makers recognize the business practices attracting the attention of federal regulators and to anticipate possible changes in the legal landscape.

ACT has long been working with Congress and the Administration on their efforts to update COPPA. The app marketplace emerged well after the passage of COPPA in 1998, and we fully support the extension of these child privacy protections into the mobile space. We have cautioned regulators, however, about the potential negative consequences from overly broad provisions and continues to work with the FTC to bring a measured clarity to its rules changes.

We’ve been pretty busy in this regard. ACT testified about COPPA at the House Commerce Committee hearing in October, before the Senate Judiciary and Commerce Committee hearings in May, and filed comments with the FTC. Its guidance on mobile privacy issues has been sought by the Administration, the FTC and Congress as Washington considers a variety of ways to address online privacy.

A link for the Silicon Valley Apps for Kids event today is here.

Posted in Apps, Privacy, Tech Regulation | No Comments »

2011: Washington Discovers Apps!

Wednesday, January 4th, 2012

Almost exactly a year ago we went to CES in Las Vegas and met up with many of our app developer members to look at the year ahead. It felt like 2011 was gearing up to be an exciting year of growth, but also when app developers would attract the attention of policy makers. We feared a storm may be brewing in Washington and this turned out to be bigger than we imagined.

In March, a group of Senators tried to compel app stores to remove their traffic apps holding a press conference outside Apple’s Madison Avenue store. ACT took a public stand against this intervention, warning that arbitrary government interference in the iPhone, Android, RIM and Windows mobile application stores would severely constrain the app marketplace.

April was the start of a huge policy debate around apps and privacy. ACT applauded the actions taken by Apple to encrypt location data and encouraged other companies like Google to take consumer privacy seriously. Calls in Washington to regulate apps were growing louder and we strongly felt it was time for app developers to join the conversation.

The Wall Street Journal’s attack on mobile apps and privacy really set the tone for the rest of the year. At every level of government, policy makers were asking questions about app developers, and how they should be regulated. From the House and Senate to federal agencies like the FTC, ACT and our developer members were grilled about how we were protecting consumer information. While it has certainly been rocky, there were bright spots:

We brought 30 developers from across the country to Washington, DC to meet with their elected representatives. Our rock star developers wore out their shoes trekking from office to office taking their message of regulatory restraint to more than 50 Capitol Hill offices.

ACT President Jonathan Zuck and Executive Director Morgan Reed both testified in front of the United States Senate in support of mobile developers. The only voice for app makers at these hearings, ACT was well received and elected officials from around the world continue to seek our guidance on issues facing small business technology companies.

We testified in front of the House Commerce Committee, and helped to remind Members of Congress that mobile developers aren’t built by some secretive large company, but instead are developed by small businesses spread throughout the world and in every Congressional District. Our stories – our members’ stories – had a huge impact. The Commerce Committee took Morgan’s opening remarks and made it the video centerpiece on their website discussing the hearing.

The Apple World Wide Developer Conference in San Francisco in June was a great time to reconnect with existing ACT supporters and app developers including My Busy Kit, iHomeEducator, iStoryTime, and NSC Partners. We discussed policy at iOS DevCamp and sponsored the “Just Crazy Enough It Might Work” category in a multi-day hackathon. Superstar developer team Cindy Pavlinac and Martin Gregory produced an app entitled “Dog Play Date,” a social networking app for dogs. We’re excited to see where this beta app may go!

August is usually a slow month in Washington DC, but not this past year. The Federal Trade Commission fined the developer of Emily’s Girls mobile apps $50,000 for violating children’s online privacy laws. The FTC then turned its attention to rewriting privacy regulations affecting all developers. Other federal agencies began work on broad new rules that could close revenue streams by curtailing developers’ ability to serve ads and track performance. ACT offered its support for protecting children online but cautioned regulators against overreaching in a way that would punish the whole industry.

In November, Morgan Reed spoke at DC WEEK highlighting app developers’ need for more spectrum. Reprising issues raised with the FCC and in congressional meetings, Morgan addressed the looming spectrum crisis urging the government to increase availability so developers may continue to meet customers’ increasing demand for bandwidth-intensive apps. You can read more about apps and the spectrum crunch on Morgan’s Huffington Post page.

During the last month of 2011, ACT’s Morgan Reed addressed the MoDevEast Developer conference calling on app makers to “check yourself before you wreck yourself.” Discussing the importance of privacy and security, Morgan alerted attendees about pending regulatory actions and offered suggestions on how to best serve customers’ privacy needs.

What will 2012 look like for app developers? As the impact of apps on people’s every day lives increases, so will Washington’s interest in regulating this space. It’s important for app developers to be responsible and hold the trust that consumers give with their private information. It’s equally important for policy makers to be mindful of how the policies they craft will impact small app developers like so many of our members. We will continue to speak on behalf our members and look forward to another great (busy!) year.

Posted in Apps, Entrepreneurship, Innovation and IP, Spectrum, Tech Regulation, Web/Tech | No Comments »

Should Google’s $500 million “penalty” for criminal drug sales rule out future government contracting?

Monday, September 19th, 2011

Half a billion dollars.

That would be one of the largest penalties ever levied by the Department of Justice against a single corporation. The company professing to “Do No Evil” was caught facilitating and aiding an illegal drug sales scheme. According to the Wall Street Journal:

The Justice Department contends that Google knew it was potentially violating U.S. law since at least 2003, but didn’t take effective action to ban the ads until it mounted an undercover sting operation against the Internet search giant in 2009.

And it wasn’t one of those bad-stuff-happened-on-my-website-but-I-didn’t-know-about-it deals. The prosecuting attorney specifically called out Google CEO Larry Page as a knowledgeable participant in a plot to help criminals, outside our country’s borders, evade federal drug laws by advertising the illegal sale of prescription drugs online. The search giant’s ad specialists actively helped shape the marketing campaigns of these illegal drug merchants.

“Larry Page knew what was going on,” Peter Neronha, the Rhode Island U.S. Attorney who led the probe, said in an interview. “We know it from the investigation. We simply know it from the documents we reviewed, witnesses that we interviewed, that Larry Page knew what was going on.”

Google collected hundreds of millions of dollars in profits through this criminal activity. That’s a violation of the Controlled Substances Act.

You’ve probably heard that term before. If you’ve ever watched a crime drama on TV you have likely seen a hoodlum on the defense stand facing such charges. Pablo Escobar violated the Controlled Substances Act. So did Frank Lucas and Rayful Edmonds.

The Justice Department got wind of Google’s marketplace for the drug trade through a separate criminal investigation. The Department then began an undercover operation in which Google eagerly helped market the sale of controlled substances to U.S. citizens from abroad. And then the Department of Justice lowered the hammer. Or did they?

Half a billion dollars would be one of the largest penalties ever administered by the DOJ.

Only it wasn’t.

It wasn’t a fine at all. It wasn’t even a penalty. It was a “forfeiture.” The Department of Justice, after uncovering this massive illegal drug market, merely required the offenders to give back their ill-gotten gains. No further punishment. No slap on the wrist even. Not even a stern warning.

That’s like a bank robber giving the back the money and walking free.

How, then, can this be explained? Unfortunately, we’ll never know. The Department of Justice, failing to take any criminal action against Google or its CEO, sealed the documents related to the settlement.

Now, I’m willing to give the DOJ the benefit of the doubt. I imagine the Department had its reasons for keeping mum on the specifics of the deal and there may be legal considerations that we are not privy to. But they have to recognize that the optics are questionable and likely to warrant attention elsewhere in Washington.

Perusing the DOJ website, we did find one nugget of information that could explain what additional penalties may be involved in the settlement. We learned that violators of the Controlled Substances Act may be subject to the Denial of Federal Benefits program:

Closing the Gap Between Incarceration and Probation
… Probation alone is an inadequate tool for dealing with drug offenders. However, lower level drug offenders are not routinely incarcerated unless they also commit a serious offense or have multiple drug-related convictions. To close the gap between incarceration and probation, the U.S. Department of Justice has explored numerous intermediate steps or punishments, including civil penalties, license suspension and revocation, boot camps and shock incarceration, halfway houses, electronic monitoring, drug testing, and denial of federal benefits such as grants, contracts, purchase orders, financial aid, and business and professional licenses. (emphasis added).

Perhaps the DOJ website has not been updated, but currently none of these penalties available to the federal government appear to have been implemented as part of the settlement.

Having been found willfully violating the Controlled Substances Act, I’d be curious to learn if Google will be allowed to continue handling sensitive government information and federal contracts while similar drug offenders have been appropriately barred from such activity.

Usually, getting caught knee deep in a half-billion-dollar drug trade would lead to questions about a drug offender’s ability to maintain the high level of trust required for managing federal funds and assets. Hopefully these questions may be answered in Wednesday’s Judiciary Committee Hearing.

Posted in Competition, Tech Regulation | No Comments »

Neilsen Study Says We Love Apps; And Congress is Taking Notice

Thursday, August 25th, 2011

A Neilsen study was just released revealing the extraordinary connection consumers have with their smartphones. This report is the product of Nielsen’s new Smartphone Analytics program — a valuable new resource that receives data directly from mobile devices providing better accuracy than user surveys.

So what does this new information tell us? Neilsen reports that Android smartphone users spent an average of 56 minutes-per-day on their apps or the web. That’s more time than most people spend with their families at the dinner table every night!

Neilsen also found Android users spent twice as much time on their apps as the mobile web. This underscores how much smartphone users have embraced the app model. There are those who suggest the mobile web eliminates the need for apps, but Neilsen suggests consumer comfort level with apps shows no sign of abating.

We also learned through the study that Android users spent 61% of their time on the top fifty apps. Perhaps this is unsurprising given the long attention span required of popular apps like e-readers (Kindle), navigation apps (Trapster and Google maps), and mobile games (Angry Birds). Some lament that the rest of the 250,000 apps have to fight it out for the remaining 39%. However, if you extrapolate Neilsen’s findings over last quarter’s global Android shipments, that equates to over 1 billion minutes a day. It seems like there are enough minutes to go around.

That’s also a lot of eyeballs. 56 minutes of attention nets a lot of advertising dollars on television. Increasingly, the mobile marketplace is attracting similar ad investment. With the average paid app costing less than three dollars, advertising helps generate enough income for developers to grow their companies and hire new employees.

But as opportunity abounds in the app marketplace — expected to reach $38 billion in the next four years — we are confronted with an increasingly challenging regulatory environment. Congress and the Administration are poised to implement new laws restricting app use, advertising, and online commerce in ways that could stunt this growth before it ever gets started.

Some of the decision makers in Washington are unaccustomed to hearing from app developers and are pursuing policies that would greatly weaken our incentive to innovate. Legislation intended to protect mobile privacy would actually inhibit our ability to market products and realize the fruits of our labor. An article in Politico Pro summed up the serious challenges app developers face:

App-makers may need to look up from those iPhones, Android and BlackBerry games and other tools they’re developing in order to keep closer watch on Washington, where federal regulators are mulling new ways to protect app users.

Even if Congress does not deliver any new privacy law targeting apps and other online services this year, both lawmakers on Capitol Hill and watchdogs at the FTC are aiming to send a message to small-time developers that federal consumer protection rules apply to them, too.

The FTC has been effectively regulating the app industry, levying severe fines against those with privacy violations. The commission claims it already possesses sufficient enforcement authority to combat problems where they arise without need for new regulations.

The real danger is that Congress intends to legislate against new technology in a nascent industry it has yet to fully comprehend. Never mind their intent, they see apps as a threat and are unconcerned if new legislation punishes an entire industry of law abiding app makers to address a few bad actors. The app market is growing at breakneck speed, one of the few bright lights in our weakened economy. Now is not the time for Congress to stunt economic growth and job creation with burdensome, unnecessary regulation.

Posted in Apps, Privacy, Tech Regulation | No Comments »

Court Decision Upholding Wi-Spy Wiretap Violations Reaffirms Effectiveness of Existing Privacy Laws

Thursday, June 30th, 2011

Today the U.S. District Court issued a significant ruling that Google can be held liable for damages under the Wiretap Act because of its Wi-Spy program that collected usernames, passwords, whole emails, and other private data.

The Wi-Spy program was a part of a Street View initiative in which Google vehicles drove down nearly every street in America with sophisticated eavesdropping devices that captured any data being transmitted from an unencrypted wireless router. Almost every family in America with a home wireless network was vulnerable to Google’s listening devices. The court describes it best:

In 2006, prior to the launch of the Google Street View vehicles, Defendant’s employee engineers intentionally created a data collection system that included code that sampled, collected, decoded and analyzed all types of data broadcast through Wi-Fi connections. (CCAC ¶¶ 60-61.) This data collection system is commonly known as a packet analyzer, wireless sniffer, network analyzer, packet sniffer or protocol analyzer. (Id. ¶ 61.) Defendant authorized inclusion of this wireless sniffer technology into its Google Street View vehicles and even sought to patent the process. (Id. ¶ 65.) The wireless sniffer secretly captures data packets as they stream across Wi-Fi connections and then decodes or decrypts the data packet and analyzes the contents.

Google has been a bad actor in our industry when it comes to privacy. In addition to Wi-Spy, the company also conducted its Doodle for Google campaign to collect social security numbers and other sensitive data about schoolchildren and recently received the biggest penalty ever issued by the FTC for its Buzz product which revealed private communications between users and deceptively failed to unsubscribe them when asked. Google’s bad acts have reflected poorly on the entire internet and mobile apps community.

The District Court decision is significant because it demonstrates that sufficient privacy safeguards currently exist in our judicial system. Too often a regulatory response to a few bad actors results in unintended downstream consequences that negatively affect the industry. Most often, those that suffer the greatest in this environment are small businesses and startups. We have long been aware of the negative impact Google has had on consumers’ faith in the security of their online privacy. It is our hope that the courts continue to treat the Wi-Spy matter seriously so consumer confidence may be restored.

A copy of the court decision may be found, here. (.pdf)

Posted in Privacy, Tech Regulation | No Comments »

Supreme Court Decision Affirms Video Games’ First Amendment Rights

Monday, June 27th, 2011

The Supreme Court’s 7-2 decision today in Brown v. Entertainment Merchants Association struck down a California law that prohibited, in part, the sale of certain video games to minors. One of the most important aspects of this decision was the court’s recognition of media equality; electronic media receive the same first amendment protections as books and movies.

The Court correctly noted that, “the basic principles of freedom of speech and the press . . . do not vary ‘when a new and different medium for communication appears.’” This recognition that all content creators enjoy the same constitutional rights, regardless of the format, provides a strong foundation on which emerging technologies may rely. In addition, the Supreme Court today helped remind us that our founders likely did not want laws disfavoring certain industries on the basis of technology.

The Court recognized that voluntary, self-regulatory rating systems like the ESRB rating system for video games may provide a better mechanism for creators to communicate information about content to parents than overly broad laws.

Posted in Tech Regulation | No Comments »

ACT Responds to Apps Developers’ Concerns over CTIA Regulatory Proposal

Monday, May 2nd, 2011

ACT rejects the proposal by Cellular Telephone and Internet Association to rate smartphone apps and act as the apps regulator. Software developers have expressed loud and clear that they do not want an association with competing interests to regulate the applications ecosystem.

Recently, government officials and trade associations have been speaking about app developers, but no one has been speaking to app developers. Wireless carriers and their representatives have suggested that apps developers submit to a ‘self-regulatory’ process in which carriers and handset manufacturers would set and enforce standards. This is not the right direction.

We have heard loud and clear from our members that any self-regulatory initiative for apps developers should be undertaken by apps developers. They are wise enough to understand that self-regulation does not mean putting your company’s future in the hands of another industry.

Phone manufacturers have helped to create an ecosystem that supports our applications, but their concerns are focused on maximizing the number of handsets sold, not on the needs of application developers. An onerous rating system may have no direct impact on handset sales, but could devastate a small developer whose business relies on the ability of consumers to determine for themselves which feature sets they prefer.”

App sales are currently a $2 billion-a-year industry, expected to rise to $38 billion by 2015. The rising demand for wireless broadband and mobile devices derives largely from the widespread availability of apps created by application developers to make these devices productive and enjoyable to use.

Posted in Apps, Entrepreneurship, Tech Regulation | No Comments »

ACT Response to Apple Statement on Location Data Collection

Friday, April 29th, 2011

Representing thousands of app developers, ACT applauds Apple’s proposed steps to address concerns raised by the use of location data on mobile phones. The public outcry we are witnessing demonstrates that the technology industry must do more to make consumers confident in the security of their personal information. Apple has agreed to encrypt location data, explaining how and why it is being used while allowing users to opt out of location-based services. It is important that customers are aware of what data is being used and affirmatively agree to its collection.

Google now needs to follow Apple’s lead and explain what they are doing with the data they collect on mobile phones. Unfortunately, its track record instills little confidence in consumers after a series of high profile privacy violations. Eavesdropping on family wifi networks, revealing users’ email contacts to social networks without providing an opt out, and profiling schoolchildren by collecting their social security numbers and place of birth as requirements for entry in a drawing contest has left many consumers understandably suspicious of Google’s concern for privacy. Unfortunately, these incidents have led to a general distrust of smartphone privacy provisions. App developers are now being negatively impacted by Google’s continued mistakes

Location-based services are among the most popular features on smartphones. Traffic apps and other location specific services are part of the explosive growth of the apps marketplace. With sales at $2 billion, expected to reach $38 within four years, the apps marketplace is one of the brightest areas of our economy. Public confidence in the safety of personal information on smartphones is essential for the continued success of our country’s app developers. It is crucial that Google explains clearly to customers if and how their information is used so they can earn the trust of consumers and allow our apps economy to thrive.

Posted in Privacy, Tech Regulation | No Comments »

FTC’s Google Buzz Settlement Is a Start

Wednesday, March 30th, 2011

The Federal Trade Commission today announced a proposed settlement in its case against Google for the privacy violations behind its Buzz social networking product. You may recall, Google launched Buzz by integrating it directly into its email program, immediately disclosing the identities of people a user regularly contacted. Google failed to inform consumers that this was a function of Buzz and did not fully remove those who sought to opt-out of the service.

I appreciate that the Federal Trade Commission identified the privacy violations of Google’s Buzz program to be of great concern to consumers. The FTC was right to take up the case against Google for its transgressions. While it’s a good start, today’s proposed settlement doesn’t go far enough to punish or deter. The suggested penalties include a biennial audit, implementation of a privacy policy, and $16,000 fines for future violations.

Google would be required to submit to a third-party audit of its privacy programs every two years, the results of which will not be made public. A lot can happen in two years. After all, in far less time, Google has:

revealed who you communicate with (Buzz);
eavesdropped on your home wireless network collecting your passwords, emails, instant messages, and account information (Wi-Spy); and
begun profiling your children collecting their social security numbers and other personally identifiable information (Doodle for Google drawing contest).

Google’s dominance in online search, advertising and analytics allow it to acquire an extraordinary amount of information if it chooses to violate consumer privacy protections. But while fines of $16,000 for privacy violations aren’t much of a deterrent to a company worth $180 billion, it is a start. The FTC and other agencies will need to take further actions against Google if they hope to discourage it from repeatedly violating consumer privacy.

This matter is a great concern for those in the technology industry because continued bad behavior by a dominant market player, that proceeds unchecked, will inevitably result in an over-sized regulatory response. Broad, industry-wide regulation will be the eventual outcome affecting everyone if Google is never sufficiently punished for thumbing its nose at consumers, privacy regulations, and government authorities.

Posted in Privacy, Tech Regulation | No Comments »

Blocking Traffic Apps Trapster and PhantomALERT is Misguided

Wednesday, March 23rd, 2011

Today, Senators Reid, Schumer, Lautenberg and Udall released a letter they sent to mobile applications stores asking them to block distribution of traffic software apps like Trapster and PhantomALERT because user-generated input can warn drivers about drunk driving checkpoints.

While I applaud the Senators for seeking to curb drunk driving, their criticism of online traffic apps misses the point. These programs feature information about speed and red light cameras by mapping publicly available information provided by law enforcement agencies. There is also a social networking element of the apps which allows users to submit traffic information so drivers can avoid traffic jams. This makes these programs very popular attracting tens of millions of users. Law enforcement authorities have embraced these services expressing their strong approval for products that reduce speeding and improve traffic safety.

These traffic apps rely on user-submitted and law enforcement provided information. Any one of the programs’ users can submit a warning about a traffic obstruction as simply as emailing a friend or posting a message on their Facebook profile. The suggestion that the government should compel Apple, RIM, or other mobile application stores to block programs that simply allow users to report information based on location is misguided at best. Taken to its conclusion, that would require blocking apps like Foursquare and Loopt. Having the government act as arbiter of which products should be sold in stores is a slippery slope that few would welcome.

Posted in Current Affairs, Tech Regulation | 1 Comment »