Geolocation of the user based on the user's Internet protocol (IP) address. Location-based service companies that specialize in identity protection use this approach, and IP addresses, blocks of IP addresses and credit card billing addresses can all be used to develop a location profile.
2. Personal computer/web browser identification examines the hypertext transfer protocol (HTTP) browser header and other information from the user's computer or device, and compares them to what are expected. This approach compares the time expected from a user's originating geolocation with the actual timestamp that was applied to the information (Malphrus, 2009).
Taken together, these trends in geolocation technologies indicate that like it or not, consumers will increasingly be subjected to situations in which their precise geolocation is known and broadcast to others who may want to use this information for illegal or unethical purposes and these issues are discussed further below.
Legal Implications of Geolocation Technology
Although geolocation technologies have a global scope, there are some specific legal implications for these technologies as they are applied in the United States with respect to the 4th Amendment and Americans' expectations of privacy as discussed further below.
Overview of 4th Amendment. Part of the Bill of Rights, the 4th Amendment establishes fundamental constitutional privacy protections. For instance, according to Black's Law Dictionary, the 4th Amendment is "the amendment of the U.S. Constitution guaranteeing people the right to be secure in their homes and property against unreasonable searches and seizures and providing that no warrants shall issue except upon probable cause and then only as to specific places to be searched and persons and things to be seized" (1999, p. 657). The 4th Amendment therefore establishes an expectation of privacy among American citizens as discussed further below.
Expectation of Privacy. The specific provisions of the 4th Amendment provide the more general framework in which American citizens are guaranteed an expectation of privacy. Over the years, the Supreme Court has expanded the jurisdictional venues in which the expectation of privacy can be legitimately applied, including personally owned vehicles and other locations (Bloom, 2003). The expectation of privacy has been increasingly eroded in recent years, though, through the ability of innovative telecommunications technologies to intrude on even the sanctum sanctorum of Americans' homes and businesses in ways never envisioned by the Founding Fathers. The issue of Internet privacy became the focus of attention in the U.S. In 1996 due in part to pressure from the European Union that had promulgated its "Data Directiev" that included protections for personal information collected by online services in member states (Matwyshyn, 2004). The response to the potential for these Internet-based technologies to invade the privacy of consumers at will was intense: "In the legal private sector in the late 1990s, the technology bubble turned the life of every technology transactions attorney into a frenzy of questions without clear answers, particularly in connection with potential privacy liability and privacy policies" (Matwyshyn, 2004, p. 494).
Despite the lack of a codified set of guidelines for disclosing data collection policies in online venues, an increasing number of enterprises elected to do voluntarily for public relations purposes and Congress decided it was time to provide standard guidelines for Web sites and other mobile services that routinely collected personal information (Matwyshyn, 2004). Although privacy advocates and business lobbies lined up on both sides of this issue, Congress finally took action and by April 2000, the United States had passed the first set of online consumer data protection legislation (Matwyshyn, 2004).
Previous Rulings and Precedents. Precedential case law that affects current applications of 4th Amendment privacy protections include the privacy protection model that was based on Justice Brandeis's dissent in Olmstead v. United States, 277 U.S. 438 (1928). In this case, a narrow majority (five of the nine justices) held that federal official's wiretapping of telephone wires was not a 4th Amendment-protected search or seizure activity because there was no physical trespass and no tangible evidence had been collected (Thierer & Crews, 2003). In his dissent, Justice Brandeis articulated a concept that would have far-reaching implications: "The makers of our Constitution & #8230; conferred, as against the Government, the right to be let alone -- the most comprehensive of rights and the right most valued by civilized men" (Olsmstead v. United States, pp. 478 -- 79).
The importance of this case would be manifest 4 decades later when the Supreme Court decided Katz v. United States, 389 U.S. 347 (1967) and applied Justice Brandeis' reasoning in Olmstead to a forerunner to geolocation-type of information case. According to Thierer and Crews, "In Katz v. United States, the [Court] addressed the constitutionality of federal authorities' use of an electronic listening device attached to the outside of a telephone booth used by Charles Katz, whom the authorities suspected of violating gambling laws" (2003, p. 300). Applying the rationale developed by Justice Brandeis, the Supreme Court held that electronic listening devices violated Katz's 4th Amendment rights, despite the fact that there had been no invasion of his physical property (Thierer & Crews, 2003). In their summation, the Court stated that the provisions of the 4th Amendment protect whatever a citizen "seeks to preserve as private, even in an area accessible to the public.…" (quoted in Thierer & Crews, 2003 at p. 300). In what would become known as the Supreme Court's test for what can be legitimately considered "private" within the purview of the 4th Amendment, Justice Harlan "wrote that the protected zone of Fourth Amendment privacy was defined by the individual's 'actual,' subjective expectation of privacy, and the extent to which that expectation was 'one that society was prepared to recognize as 'reasonable'" (Katz v. United States, quoted in Thierer & Crews, 2003 at p. 361). This privacy test was adopted in 1968 and remains the gold standard today (Thierer & Crews, 2003).
Proposed New Legislation. Effects to enact an Internet privacy bill began in earnest in 2010 when Congress proposed such a bill; however, despite extensive efforts to reach viable compromises between privacy protection and online commercial interest groups, this legislation remains stalled in the House (Ingram, 2010). Many of the provisions of this draft legislation, though, remain the focus of legislative efforts in the U.S. Senate where Senators John Kerry and John McCain began drafting an Internet privacy bill in 2010 (A new Internet privacy law?, 2011) and the bipartisan Commercial Privacy Bill of Rights Act of 2011 was announced in April 2011 (Couch, 2011).
Impact of Legislation. Perhaps the most important -- and controversial -- effect of the Commercial Privacy Bill of Rights Act of 2011 (the "Act") is the requirement for online companies to be more transparent concerning their information-sharing practices and the ability of consumers to have a voice in how their personal information is used. In this regard, the Act would require companies to notify consumers before they collect any data and would allow them the opportunity to opt-out of such data collection (Couch, 2011). Critics of the Act, though, argue that it does not go far enough in providing privacy protections for consumers because there is no single opt-list comparable to the National Do Not Call Registry, meaning that consumers will have to manually opt-out of every online data-exchange encounter (Couch, 2011). Nevertheless, proponents of the Act maintain that it represents a useful beginning in achieving more ambitious goals for privacy protections (Couch, 2011). The Act's co-sponsors, Senators Kerry and McCain, described its implications thusly: "The bill does not allow for the collection and sharing of private data by businesses that have no relationship to the consumer for purposes other than advertising and marketing. It is this practice that American consumers reject as an unreasonable invasion of privacy" (quoted in Couch, 2011 at para. 4).
Ethical Implications of Geolocation Technology
Use by Government Agencies. Given the potential for abuse of geolocation technology by any organization or individual so inclined, the ethical implications for government agencies are broad-based and are global in scope. Therefore, the so-called effects test has been proposed as a means of assessing where a government agency's jurisdiction begins and ends with respect to online information. For instance, according to Thierer and Crews:
As a government reflects on the proper limits of its reach against a faraway defendant whose Internet activities are causing local grief, it runs into a dilemma. On the one hand, a plaintiff might claim it unfair that the sovereign would decline to intervene simply because a defendant is wholly absent, since the effects of the defendant's Internet behavior are still felt locally. (2003, p. 18)
Although it is reasonable to suggest that many of the same arguments can be made with regard to other types of publication modes that provide global exposure such as print media in book and newspaper publishing, but the Internet has provided virtually anyone with a global audience, making the application of the effects test more nebulous. As Thierer and Crews point out, "On the other hand, going on an 'effects' test alone suggests that anyone…