Creepy App Risks Stepping US Closer to Privacy Legislation

I came across an article today in the New York Times reporting on a smart phone app that uses the location data collected in Four Square and combines it with Facebook’s social graph to identify women near the user. The article describes it this way:

Girls Around Me uses Foursquare, the location-based mobile service, to determine your location. It then scans for women in the area who have recently checked-in on the service. Once you identify a woman you’d like to talk to, one that inevitably has no idea you’re snooping on her, you can connect to her through Facebook, see her full name, profile photos and send her a message.

You can read in the article title that the app is described as “creepy,” which it is, and that it is a violation of Four Square’s API policy but since I assume that the user is consenting to the data mining this app performs it is legal. Which has me thinking that this could be held up as an example of “what’s wrong with privacy” that leads to one of those watershed moments.

In the past 12-18 months we’ve seen an increasing number of stories on privacy violations and these are accompanied by an increasing number of regulators and lawmakers rushing to enact legislation. The most recent example of this was the call from Senators Charles E. Schumer of New York and Richard Blumenthal of Connecticut to limit employers ability to ask for social network credential from employees.

If the story of Girls Around Me gains some traction, and it may since it appears in the New York Times, then we could see a similar reaction here. At some point in the future, and I’m betting sooner rather than later, public reaction in the US to one of these stories is going to be strong enough that serious legislation that puts real restrictions on what personal information companies can collect and limit their ability to aggregate it will appear.

We’ve recently seen the relatively toothless US Privacy BIll of Rights and just last week the FTC released a major privacy statement (also toothless) but these are only the steps to something bigger. I can feel it coming.


Now read this

Corporate Institutionalization of Privacy in the US by 2016

While talking to the endless trickle of people visiting the IAPP booth at RSA last week, I was able to confirm my belief that corporate attitudes towards privacy are changing—It’s just that they are changing slowly. I thought this week... Continue →