The California Public Utilities Commission (PUC) have declined to consider updating cellphone privacy regulations last revised in pre-smartphone 1986, citing a “dearth” of alleged violations of the ancient tome and the existence of adequate state and federal laws.
“I find that the petitioners have not identified any sensitive customer information that is not already protected by the existing privacy laws and regulations,” Commissioner Mark Ferron said at the meeting. “Nor have they documented any examples of actual breaches of customer privacy.”
The 3-2 vote last week came in response to a petition (pdf) filed by three consumer groups more than a year ago asking the commission to consider new privacy rules that would govern the behavior of mobile carriers like AT&T, Verizon and Sprint, although there is strong sentiment for looking at developers of applications that are downloaded by the millions.
The Consumer Federation of California, (CFC) The Utility Reform Network (TURN) and Privacy Rights Clearinghouse (PRC) argued the obvious: today’s phones are nothing like the flip-phones of 20 years ago. They are sophisticated handheld computers with functions like texting and Internet access, not to mention the myriad apps available. The phones are also constantly on and under siege by data miners, sweeping up personal information—including where they are—for storage, marketing and resale.
The petition asked the commission to do four things: evaluate the privacy practices carriers; create privacy standards for carriers and third parties that gain access to customer data; create policies that anticipate future technological development; and devise a penalty mechanism with “teeth” for wayward telecoms.
The commission majority essentially responded that responsible parties knew enough about wireless privacy and were taking care of the issue. TURN communications director Mindy Spatt disputed that. She told the San Francisco Chronicle, “As long as you are being tracked without your consent, then the laws are inadequate. What about the choice not to be tracked? What about the choice not to have our data sold?”
The petition cited the controversial Carrier IQ software, quietly imbedded on more than 140 million devices, which captures data, including address books, downloads and test messages, and transmits it to the company’s clients. Critics say the software also captures keystrokes of users—and produced a video that seemed to support their contention—but the company denied it does that.
Wireless companies praised the commission’s vote. AT&T spokesman Lane Kasselman told the Los Angeles Times that consumers’ privacy was already in good hands. “We'll continue to work with state and federal government agencies, stakeholders and our industry partners to develop solutions that enhance consumer privacy,” he said.
CFC Executive Director Richard Holober didn’t think the “grossly ignorant” commission ruling was about consumers. “The only beneficiaries of that 3-2 vote are AT&T, Verizon, Sprint and the other carriers,” he said.