[Congressional Record Volume 157, Number 86 (Wednesday, June 15, 2011)]
[Senate]
[Pages S3793-S3795]
From the Congressional Record Online through the Government Publishing Office [www.gpo.gov]
TRIBUTE TO GERRY COUNIHAN
Mr. HARKIN. Mr. President, when Gerry Counihan leaves the Senate
employment in the next couple of days, we will lose one of the most
respected and beloved members of our Senate family. During his nearly
two decades of service with the Senate, he has epitomized the
professionalism, dedication, loyalty, and the incredible work ethic of
the best staff members on Capitol Hill. So we are saying farewell not
just to a wonderful Senate employee but also to a very good friend.
Mr. President, Gerry Counihan first came to Capitol Hill in 1991 as a
member of John McCain's staff. He later left the Senate for a brief
time, but returned in 1997 as a tour guide in the Capitol Building,
where he truly excelled. In fact, Gerry made a bit of history himself.
He gave the first public tour following the fatal shooting of two
Capitol police officers in 1998. When the Capitol reopened to visitors
following the attacks of September 11, 2001, Gerry again led the first
tour of the Capitol.
Four years ago, sadly, Gerry was the victim of a violent crime and
sustained very grave injuries. He spent over 4 weeks at the National
Rehabilitation Hospital. It was a long and courageous struggle to learn
to walk and speak again. But he persevered and succeeded.
Unfortunately, Gerry was not able to return to his job as a tour
guide because of his injuries, but he was hired by the Sergeant at Arms
to work as one of our elevator operators. That is where I and so many
other Senators have had the pleasure of meeting him and enjoying his
company in recent years.
I can't tell you how many times during late night sessions he has
brightened our lives with a kind word or bright smile. I can't tell you
how many times he has shepherded us into the sanctuary of his elevator
while fending off intrusive reporters or lobbyists. We have always been
grateful to him for that.
No question about it, Gerry Counihan has been one of those very
special people who make the Senate a great place to work.
Gerry is moving on to a new career with new responsibilities and new
opportunities at the Department of Health and Human Services out in
Rockville, MD. With his departure, we are saying goodbye to a standout
Senate staffer, a great friend, and someone who always brightens our
day. We will miss him very much.
There are not many things that Republicans and Democrats agree on in
this body these days, but our love for Gerry Counihan is bipartisan
and--indeed, I can say this without any fear of contradiction--
unanimous. The Senate family joins together in wishing Gerry happiness
and success in his new career.
With that, I yield the floor and suggest the absence of a quorum.
The PRESIDING OFFICER. The clerk will call the roll.
The legislative clerk proceeded to call the roll.
Mr. FRANKEN. Madam President, I ask unanimous consent that the order
for the quorum call be rescinded.
The PRESIDING OFFICER (Ms. Klobuchar). Without objection, it is so
ordered.
The Senator from Minnesota.
Mr. FRANKEN. I thank the Chair.
Madam President, I rise today to discuss what I think is one of the
clearest threats to Americans' digital privacy and to discuss
legislation I think will go a long way toward addressing this problem.
Americans have valued and sought to protect their right to privacy
for a long time, and so have the representatives they have elected to
be a part of this Chamber. But in the past few decades, there has been
a fundamental shift in the nature of our right to privacy and the
privacy threats we face. Because when I was young, when people talked
about their right to privacy, they talked about protecting themselves
from the government--from government intrusion. They asked: Is the
government keeping tabs on my political beliefs? Is it staying out of
my family business?
Today, we still need to worry about protecting our privacy from the
government, but we also need to protect our privacy from private
entities--from corporations that are obtaining and aggregating
increasingly large amounts of our personal information. Nowhere is that
need clearer and more urgent than on the Internet. Within the Internet
ecosystem, I would argue that some of the most sensitive information
out there comes from our phones.
Smartphones are the future of the Internet and can actually be more
powerful than desktop computers from a decade ago. There will be more
smartphones sold in 2012 than laptops and desktops combined. There is a
reason for that. These are incredible devices. Using a smartphone, a
mother or
[[Page S3794]]
father can see his or her child, wish him or her goodnight, even if
that child is half a world away. A smartphone can give a driver
directions and can tell that driver where the nearest gas station is.
Smartphones also enable emergency responders to find and respond to an
accident in a matter of seconds.
But the same technology that allows these wonderful benefits also
raises very clear privacy concerns. Our smartphones know where we are
all the time. Unfortunately, the last 6 months has shown that our legal
framework hasn't kept up with technology and isn't protecting our
privacy when we use these devices.
Last December, an investigation by the Wall Street Journal revealed
that of 101 top applications for Apple iPhones and Google Android
devices, 47 disclosed information about a user's location to third
parties, without asking consent from the user.
In April, security researchers discovered that for almost a year,
Apple iPhone devices have been creating a detailed log of the different
places a user had visited--and stored that log on both the phone and on
every computer a user synched his or her device to in an unencrypted
manner. That same month, Americans learned that both iPhones and
Androids were automatically transmitting location information back to
Apple and Google. In the case of the iPhones, the user had no clear way
of knowing this was happening. In many cases, they actually had no way
to stop it.
In February, I became chairman of the Judiciary Committee's new
Subcommittee on Privacy, Technology, and the Law. I decided to use my
new role to dig down and find out more about smartphone privacy. When I
learned of the events in April, I wrote Apple about what was going on,
and in May, I held our first subcommittee hearing on the issue. We took
testimony from the Department of Justice, the Federal Trade Commission,
privacy advocates, technologists, representatives from app developers,
and we took testimony from Apple and from Google. I will tell you, the
more I learned about this problem, the more I became worried for
consumers.
I learned that an app on your phone can access an incredible amount
of information on you. It can monitor your Web browsing habits. It can
access and read your address book. And, of course, it can access your
location. But in most cases, a user has no way of knowing that all of
this information can be freely sent to third parties that the user has
never heard of. A recent study of the top 340 free applications found
that only 19 percent provide users with a link to a privacy policy.
That is less than one in five apps.
I also learned that our Federal laws on this subject are a confusing
hodgepodge full of gaps and loopholes, and that in many cases our
current Federal laws explicitly allow wireless companies and companies
such as Apple and Google to disclose our location information to
whomever they want.
Let me give you an example. If I use my smartphone to make a phone
call, my wireless company cannot go out and give my location to third
parties without getting my express consent. But if I use that same
smartphone to search the Internet, my wireless company can disclose my
information to almost anyone they want.
Here is another example. If I use a mapping application on my
smartphone to find out where I am or to find the nearest supermarket,
Apple and Google would have to ask my consent before telling third
parties where I am. But if my same phone automatically transmits my
location to one of these companies without my knowing it, then,
arguably, under current Federal law, again, these companies would
likely be free to disclose my information to almost anyone they want.
You do not have to take my word for it. Over the past several months,
I have asked privacy experts and officials from the Department of
Justice and the Department of Commerce about these issues, and they
have confirmed that this is, in fact, the case. This does not make
sense. In fact, it is kind of a problem.
But the most alarming thing I heard is that there are real-life
consequences when we do not do enough to protect location information
on our smartphones. The very first group that contacted me after I
wrote my letter to Apple in April was the Minnesota Battered Women's
Coalition. They told me they have seen time and time again how
smartphone location technology can be abused by batterers and stalkers.
I asked the Minnesota Battered Women's Coalition to submit testimony
for my hearing. Two stories from their testimony jumped out at me. One
was of a woman from St. Louis County, MN. The Presiding Officer knows
St. Louis County very well. It extends from Duluth all the way up to
the Canadian border. It is a huge county, actually.
Recently, this woman had gone to a domestic violence program located
in a county building. Within 5 minutes of entering the building, her
abuser sent her a text message and asked her: Why are you in the county
building? Soon after that, an advocate helped her get an order of
protection against her abuser. To get that, she needed to go to the
local courthouse. Soon after she filed the order of protection, the
abuser texted her again. This time he asked: Why did you go the
courthouse? Did you file for an order of protection against me? The
advocates later concluded that this woman's abuser was tracking her via
a location tracking service on her phone.
Another woman in Minnesota had a similar experience when she secretly
entered a domestic violence shelter and her abuser started sending her
text messages asking her: Why are you at a shelter? In fact, he started
calling taxicabs to wait for her outside the shelter at all hours of
the day. Again, in this case, advocates realized that this woman's
abuser was tracking her through an app on her phone.
My goal with the Privacy Subcommittee is to try to find a balance
between the wonderful benefits of modern technology and our need to
protect our privacy. Right now, when it comes to smartphone location
technology, we have an imbalance, because we are getting all the
wonderful benefits, but we are not keeping our privacy. I think we can
get both.
This problem is not going to fix itself. Let me tell you why I say
that. After the hearing with Apple and Google, I asked representatives
from each of those companies a simple question: Will you require that
the apps you sell have privacy policies? In fact, I also asked them
this: Even if you do not require that all the apps you sell have
privacy policies, will you at least require privacy policies for just
the apps that can get your location?
Well, by last week, both companies had answered my questions. Let me
summarize their answers: No.
I think Congress needs to act. That is why today I am introducing the
Location Privacy Protection Act of 2011. This piece of legislation is
founded on a simple principle: that consumers have a right to know what
information is being collected about them and how it is being used, and
that they have a right to decide who will get that information, and
with whom they can share it.
This bill will fill gaps and loopholes in current Federal law to give
consumers four simple protections.
First, the bill says that anytime your wireless company or a company
such as Google or Apple or an app developer wants to get your location
from your smartphone, they need to get your permission first.
Second, if they want to give your information to a third party, they
also need to get your permission. This does not mean that our
smartphones are going to be clogged with permission screens. No. This
can be done with one simple screen. My bill does not require a new
permission screen from every subsequent company that gets your
location. That would be impractical. It would not be smart.
The third thing it does is require companies that collect and
aggregate the location information from thousands of consumers to take
reasonable measures to protect that information from foreseeable
threats.
Finally, if a consumer writes one of these companies and asks: Hey,
do you have my location information, that company has to answer that
user yes or no. And if the user asks for his or her information to be
deleted, the company has to honor that request.
When I wrote the bill, I looked at the way other current digital
privacy laws were being enforced. Most of them have
[[Page S3795]]
what is called a private right of action that allows a consumer to get
their day in court if their rights are violated. I know that many
entrepreneurs find these burdensome, so I wrote the private right of
action clause such that it would only kick in if no Federal or State
authority decides to act.
I also included exceptions in the bill to make it easier for parents
to keep track of their children, for companies to protect against fraud
and use location information that is anonymous, and for emergency
responders to get to the scene of an accident without any redtape.
In fact, this bill does not cover law enforcement at all. It governs
only what private companies do with our information, and what companies
they share it with.
I am proud to have worked on this bill with my friend from
Connecticut, Senator Blumenthal. I am equally proud the bill has the
support of the Center for Democracy and Technology, Consumers Union,
Consumer Action, the National Association of Consumer Advocates, the
National Consumers League, the National Women's Law Center, the
National Center for Victims of Crime, the National Network to End
Domestic Violence, and the Minnesota Public Interest Research Group.
This bill will bring us back to a better balance between the benefits
of smartphone technology--and they are wonderful--and our right to
privacy, which is basic. It was written with input from consumer
advocates and industry alike. But even after today, I will continue to
work with these groups to make sure our bill is getting that balance
right. I look forward to those conversations.
Mr. FRANKEN. Madam President, I yield the floor.
I suggest the absence of a quorum.
The PRESIDING OFFICER. The clerk will call the roll.
The assistant legislative clerk proceeded to call the roll.
Ms. LANDRIEU. Madam President, I ask unanimous consent that the order
for the quorum call be rescinded.
The PRESIDING OFFICER. Without objection, it is so ordered.
____________________