[Congressional Record Volume 157, Number 86 (Wednesday, June 15, 2011)]
[Senate]
[Pages S3793-S3795]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]




                       TRIBUTE TO GERRY COUNIHAN

  Mr. HARKIN. Mr. President, when Gerry Counihan leaves the Senate 
employment in the next couple of days, we will lose one of the most 
respected and beloved members of our Senate family. During his nearly 
two decades of service with the Senate, he has epitomized the 
professionalism, dedication, loyalty, and the incredible work ethic of 
the best staff members on Capitol Hill. So we are saying farewell not 
just to a wonderful Senate employee but also to a very good friend.
  Mr. President, Gerry Counihan first came to Capitol Hill in 1991 as a 
member of John McCain's staff. He later left the Senate for a brief 
time, but returned in 1997 as a tour guide in the Capitol Building, 
where he truly excelled. In fact, Gerry made a bit of history himself. 
He gave the first public tour following the fatal shooting of two 
Capitol police officers in 1998. When the Capitol reopened to visitors 
following the attacks of September 11, 2001, Gerry again led the first 
tour of the Capitol.
  Four years ago, sadly, Gerry was the victim of a violent crime and 
sustained very grave injuries. He spent over 4 weeks at the National 
Rehabilitation Hospital. It was a long and courageous struggle to learn 
to walk and speak again. But he persevered and succeeded.
  Unfortunately, Gerry was not able to return to his job as a tour 
guide because of his injuries, but he was hired by the Sergeant at Arms 
to work as one of our elevator operators. That is where I and so many 
other Senators have had the pleasure of meeting him and enjoying his 
company in recent years.
  I can't tell you how many times during late night sessions he has 
brightened our lives with a kind word or bright smile. I can't tell you 
how many times he has shepherded us into the sanctuary of his elevator 
while fending off intrusive reporters or lobbyists. We have always been 
grateful to him for that.
  No question about it, Gerry Counihan has been one of those very 
special people who make the Senate a great place to work.
  Gerry is moving on to a new career with new responsibilities and new 
opportunities at the Department of Health and Human Services out in 
Rockville, MD. With his departure, we are saying goodbye to a standout 
Senate staffer, a great friend, and someone who always brightens our 
day. We will miss him very much.
  There are not many things that Republicans and Democrats agree on in 
this body these days, but our love for Gerry Counihan is bipartisan 
and--indeed, I can say this without any fear of contradiction--
unanimous. The Senate family joins together in wishing Gerry happiness 
and success in his new career.
  With that, I yield the floor and suggest the absence of a quorum.
  The PRESIDING OFFICER. The clerk will call the roll.
  The legislative clerk proceeded to call the roll.
  Mr. FRANKEN. Madam President, I ask unanimous consent that the order 
for the quorum call be rescinded.
  The PRESIDING OFFICER (Ms. Klobuchar). Without objection, it is so 
ordered.
  The Senator from Minnesota.
  Mr. FRANKEN. I thank the Chair.
  Madam President, I rise today to discuss what I think is one of the 
clearest threats to Americans' digital privacy and to discuss 
legislation I think will go a long way toward addressing this problem.
  Americans have valued and sought to protect their right to privacy 
for a long time, and so have the representatives they have elected to 
be a part of this Chamber. But in the past few decades, there has been 
a fundamental shift in the nature of our right to privacy and the 
privacy threats we face. Because when I was young, when people talked 
about their right to privacy, they talked about protecting themselves 
from the government--from government intrusion. They asked: Is the 
government keeping tabs on my political beliefs? Is it staying out of 
my family business?
  Today, we still need to worry about protecting our privacy from the 
government, but we also need to protect our privacy from private 
entities--from corporations that are obtaining and aggregating 
increasingly large amounts of our personal information. Nowhere is that 
need clearer and more urgent than on the Internet. Within the Internet 
ecosystem, I would argue that some of the most sensitive information 
out there comes from our phones.
  Smartphones are the future of the Internet and can actually be more 
powerful than desktop computers from a decade ago. There will be more 
smartphones sold in 2012 than laptops and desktops combined. There is a 
reason for that. These are incredible devices. Using a smartphone, a 
mother or

[[Page S3794]]

father can see his or her child, wish him or her goodnight, even if 
that child is half a world away. A smartphone can give a driver 
directions and can tell that driver where the nearest gas station is. 
Smartphones also enable emergency responders to find and respond to an 
accident in a matter of seconds.
  But the same technology that allows these wonderful benefits also 
raises very clear privacy concerns. Our smartphones know where we are 
all the time. Unfortunately, the last 6 months has shown that our legal 
framework hasn't kept up with technology and isn't protecting our 
privacy when we use these devices.
  Last December, an investigation by the Wall Street Journal revealed 
that of 101 top applications for Apple iPhones and Google Android 
devices, 47 disclosed information about a user's location to third 
parties, without asking consent from the user.
  In April, security researchers discovered that for almost a year, 
Apple iPhone devices have been creating a detailed log of the different 
places a user had visited--and stored that log on both the phone and on 
every computer a user synched his or her device to in an unencrypted 
manner. That same month, Americans learned that both iPhones and 
Androids were automatically transmitting location information back to 
Apple and Google. In the case of the iPhones, the user had no clear way 
of knowing this was happening. In many cases, they actually had no way 
to stop it.
  In February, I became chairman of the Judiciary Committee's new 
Subcommittee on Privacy, Technology, and the Law. I decided to use my 
new role to dig down and find out more about smartphone privacy. When I 
learned of the events in April, I wrote Apple about what was going on, 
and in May, I held our first subcommittee hearing on the issue. We took 
testimony from the Department of Justice, the Federal Trade Commission, 
privacy advocates, technologists, representatives from app developers, 
and we took testimony from Apple and from Google. I will tell you, the 
more I learned about this problem, the more I became worried for 
consumers.

  I learned that an app on your phone can access an incredible amount 
of information on you. It can monitor your Web browsing habits. It can 
access and read your address book. And, of course, it can access your 
location. But in most cases, a user has no way of knowing that all of 
this information can be freely sent to third parties that the user has 
never heard of. A recent study of the top 340 free applications found 
that only 19 percent provide users with a link to a privacy policy. 
That is less than one in five apps.
  I also learned that our Federal laws on this subject are a confusing 
hodgepodge full of gaps and loopholes, and that in many cases our 
current Federal laws explicitly allow wireless companies and companies 
such as Apple and Google to disclose our location information to 
whomever they want.
  Let me give you an example. If I use my smartphone to make a phone 
call, my wireless company cannot go out and give my location to third 
parties without getting my express consent. But if I use that same 
smartphone to search the Internet, my wireless company can disclose my 
information to almost anyone they want.
  Here is another example. If I use a mapping application on my 
smartphone to find out where I am or to find the nearest supermarket, 
Apple and Google would have to ask my consent before telling third 
parties where I am. But if my same phone automatically transmits my 
location to one of these companies without my knowing it, then, 
arguably, under current Federal law, again, these companies would 
likely be free to disclose my information to almost anyone they want.
  You do not have to take my word for it. Over the past several months, 
I have asked privacy experts and officials from the Department of 
Justice and the Department of Commerce about these issues, and they 
have confirmed that this is, in fact, the case. This does not make 
sense. In fact, it is kind of a problem.
  But the most alarming thing I heard is that there are real-life 
consequences when we do not do enough to protect location information 
on our smartphones. The very first group that contacted me after I 
wrote my letter to Apple in April was the Minnesota Battered Women's 
Coalition. They told me they have seen time and time again how 
smartphone location technology can be abused by batterers and stalkers.
  I asked the Minnesota Battered Women's Coalition to submit testimony 
for my hearing. Two stories from their testimony jumped out at me. One 
was of a woman from St. Louis County, MN. The Presiding Officer knows 
St. Louis County very well. It extends from Duluth all the way up to 
the Canadian border. It is a huge county, actually.
  Recently, this woman had gone to a domestic violence program located 
in a county building. Within 5 minutes of entering the building, her 
abuser sent her a text message and asked her: Why are you in the county 
building? Soon after that, an advocate helped her get an order of 
protection against her abuser. To get that, she needed to go to the 
local courthouse. Soon after she filed the order of protection, the 
abuser texted her again. This time he asked: Why did you go the 
courthouse? Did you file for an order of protection against me? The 
advocates later concluded that this woman's abuser was tracking her via 
a location tracking service on her phone.
  Another woman in Minnesota had a similar experience when she secretly 
entered a domestic violence shelter and her abuser started sending her 
text messages asking her: Why are you at a shelter? In fact, he started 
calling taxicabs to wait for her outside the shelter at all hours of 
the day. Again, in this case, advocates realized that this woman's 
abuser was tracking her through an app on her phone.
  My goal with the Privacy Subcommittee is to try to find a balance 
between the wonderful benefits of modern technology and our need to 
protect our privacy. Right now, when it comes to smartphone location 
technology, we have an imbalance, because we are getting all the 
wonderful benefits, but we are not keeping our privacy. I think we can 
get both.
  This problem is not going to fix itself. Let me tell you why I say 
that. After the hearing with Apple and Google, I asked representatives 
from each of those companies a simple question: Will you require that 
the apps you sell have privacy policies? In fact, I also asked them 
this: Even if you do not require that all the apps you sell have 
privacy policies, will you at least require privacy policies for just 
the apps that can get your location?
  Well, by last week, both companies had answered my questions. Let me 
summarize their answers: No.
  I think Congress needs to act. That is why today I am introducing the 
Location Privacy Protection Act of 2011. This piece of legislation is 
founded on a simple principle: that consumers have a right to know what 
information is being collected about them and how it is being used, and 
that they have a right to decide who will get that information, and 
with whom they can share it.
  This bill will fill gaps and loopholes in current Federal law to give 
consumers four simple protections.
  First, the bill says that anytime your wireless company or a company 
such as Google or Apple or an app developer wants to get your location 
from your smartphone, they need to get your permission first.
  Second, if they want to give your information to a third party, they 
also need to get your permission. This does not mean that our 
smartphones are going to be clogged with permission screens. No. This 
can be done with one simple screen. My bill does not require a new 
permission screen from every subsequent company that gets your 
location. That would be impractical. It would not be smart.
  The third thing it does is require companies that collect and 
aggregate the location information from thousands of consumers to take 
reasonable measures to protect that information from foreseeable 
threats.
  Finally, if a consumer writes one of these companies and asks: Hey, 
do you have my location information, that company has to answer that 
user yes or no. And if the user asks for his or her information to be 
deleted, the company has to honor that request.
  When I wrote the bill, I looked at the way other current digital 
privacy laws were being enforced. Most of them have

[[Page S3795]]

what is called a private right of action that allows a consumer to get 
their day in court if their rights are violated. I know that many 
entrepreneurs find these burdensome, so I wrote the private right of 
action clause such that it would only kick in if no Federal or State 
authority decides to act.
  I also included exceptions in the bill to make it easier for parents 
to keep track of their children, for companies to protect against fraud 
and use location information that is anonymous, and for emergency 
responders to get to the scene of an accident without any redtape.
  In fact, this bill does not cover law enforcement at all. It governs 
only what private companies do with our information, and what companies 
they share it with.
  I am proud to have worked on this bill with my friend from 
Connecticut, Senator Blumenthal. I am equally proud the bill has the 
support of the Center for Democracy and Technology, Consumers Union, 
Consumer Action, the National Association of Consumer Advocates, the 
National Consumers League, the National Women's Law Center, the 
National Center for Victims of Crime, the National Network to End 
Domestic Violence, and the Minnesota Public Interest Research Group.
  This bill will bring us back to a better balance between the benefits 
of smartphone technology--and they are wonderful--and our right to 
privacy, which is basic. It was written with input from consumer 
advocates and industry alike. But even after today, I will continue to 
work with these groups to make sure our bill is getting that balance 
right. I look forward to those conversations.
  Mr. FRANKEN. Madam President, I yield the floor.
  I suggest the absence of a quorum.
  The PRESIDING OFFICER. The clerk will call the roll.
  The assistant legislative clerk proceeded to call the roll.
  Ms. LANDRIEU. Madam President, I ask unanimous consent that the order 
for the quorum call be rescinded.
  The PRESIDING OFFICER. Without objection, it is so ordered.

                          ____________________