July 7, 2020

Volume X, Number 189

July 06, 2020

Subscribe to Latest Legal News and Analysis

NYC Moves to Prohibit Sharing of Location Data

New York City (NYC) Council members are proposing unprecedented action to curb location data sharing. The City Council bill to ban the sharing of cellphone users' geo-location data to marketers was presented for debate after a report earlier this year showed at least 75 companies receiving anonymous but precise location data tracking up to 200 million mobile devices in the U.S.

The NYC Council is considering legislation (Int. No. 1632) that would prohibit telecommunication carriers and mobile applications from sharing a user’s location data to third parties, where the data is collected while the mobile communication device is in NYC. The bill excludes from this prohibition location data shared to provide user requested services.

The bill comes with strong enforcement mechanisms. The NYC Department of Information Technology and Telecommunications would have enforcement authority over Int. No. 1632. Each instance of an application or telecommunications carrier sharing location data constitutes a separate violation, each of which is subject to a civil penalty of $1,000. However, an entity that commits multiple violations on the same day would be capped at a civil penalty of $10,000.

The bill also provides a private right of action for customers whose location data has been unlawfully shared. Successful plaintiffs would be able to recover statutory damages of $1,000 per violation (also capped at $10,000 per day) and reasonable attorney’s fees and costs.

Int. No. 1632 was introduced on July 23, 2019 and referred to the Committee on Technology. If this bill passes, businesses would be required to carve out NYC location data. Further, vendor contracts with telecommunication companies and mobile applications should include explicit affirmations to not share location data from NYC’s five boroughs.

Copyright © 2020 Womble Bond Dickinson (US) LLP All Rights Reserved.National Law Review, Volume IX, Number 206


About this Author

Theodore Claypoole, Intellectual Property Attorney, Womble Carlyle, private sector lawyer, data breach legal counsel, software development law
Senior Partner

As a Partner of the Firm’s Intellectual Property Practice Group, Ted leads the firm’s IP Transaction Team, as well as data breach incident response teams in the public and private sectors. Ted addressed information security risk management, and cross-border data transfer issue, including those involving the European Union and the Data Protection Safe Harbor. He also negotiates and prepares business process outsourcing, distribution, branding, software development, hosted application and electronic commerce agreements for all types of companies.


Dominic Dhil Panakal Womble Atlanta

Dominic is a member of the firm’s IP Transactions, FinTech, and Privacy and Cybersecurity practices.

Dominic advises clients on international and domestic data privacy laws.  He also assists in drafting Software as a Service agreements, privacy policies, terms of use, and licensing contracts.