Best Practices and Guidelines
for Location-Based Services
Version 2.0
Eective Date: March 23, 2010
TABLE OF CONTENTS
Section 1 - Purpose
Section 2 - Applicability
Section 3 - Scope of Coverage
Section 4 - Specific Guidelines
  A. Notice
  B. Consent
    1. Form of Consent
    2. Account Holder Consent
    3. Revocation of Consent
  C. Safeguards
    1. Security of Location Information
    2. Retention and Storage of Location Information
    3. Reporting Abuse
    4. Compliance with Laws
    5. Education
    6. Innovation
    7. Compliance with Guidelines
Appendix - Additional References
* The examples provided in the Guidelines are illustrative only and are not meant to indicate that
LBS Providers must provide the features or services described in the examples.
Section 1 - Purpose
CTIA Best Practices and Guidelines (“Guidelines”) are intended to promote and protect
user privacy as new and exciting Location-Based Services (“LBS”) are developed
and deployed. Location Based Services have one thing in common regardless of the
underlying technology – they rely on, use or incorporate the location of a device to
provide or enhance a service. Accordingly, the Guidelines are technology-neutral
and apply regardless of the technology or mobile device used or the business model
employed to provide LBS (e.g., a downloaded application, a web-based service, etc.).
The Guidelines primarily focus on the user whose location information is used or disclosed.
It is the user whose privacy is most at risk if location information is misused or disclosed
without authorization or knowledge. Because there are many potential participants
who play some role in delivery of LBS to users (e.g., an application creator/provider, an
aggregator of location information, a carrier providing network location information, etc.),
the Guidelines adopt a user perspective to clearly identify which entity in the LBS value
chain is obligated to comply with the Guidelines. Throughout the Guidelines, that entity is
referred to as the LBS Provider.
The Guidelines rely on two fundamental principles: user notice and consent.
First, LBS Providers must ensure that users receive meaningful notice about
how location information will be used, disclosed and protected so that
users can make informed decisions whether or not to use the LBS and thus
will have control over their location information.
Second, LBS Providers must ensure that users consent to the use or
disclosure of location information, and LBS Providers bear the burden of
demonstrating such consent. Users must have the right to revoke consent
or terminate the LBS at any time.
Users should have confidence when obtaining an LBS from those LBS Providers that
have adopted the Guidelines that their location information will be protected and used or
disclosed only as described in LBS Provider notices. By receiving notice and providing
consent consistent with these Guidelines, users will maintain control over their location
information. The Guidelines encourage LBS Providers to develop and deploy new
technology to empower users to exercise control over their location information and to find
ways to deliver effective notice and obtain consent regardless of the device or technology
used or business model employed.
Section 2 – Applicability
The Guidelines apply to LBS Providers. The following examples identify common situations
and illustrate who is and is not an LBS Provider with obligations under the Guidelines.
Examples of LBS Providers:
Example 1. A wireless carrier is the LBS Provider when it
directly provides account holders or users an enhanced 411
LBS to locate nearby businesses.
Example 2. An application developer that provides the
service for a downloadable LBS application (e.g., turn-by-turn
driving) that is offered through an application storefront is the
LBS Provider; a wireless carrier that provides user location
information to that application developer for use in the LBS
(e.g., through incidental assistance to the device’s A-GPS or
through other network data) is not an LBS Provider.
Example 3. A device manufacturer that pre-loads its own
manufacturer-branded LBS application (e.g., a proprietary
social networking application) is the LBS Provider; a
device manufacturer that merely includes location enabled
technology (e.g., A-GPS) on the device to support other
applications and services, is not an LBS Provider.
Example 4. An entity that merely enables application
providers to access location information from multiple
wireless carriers (i.e., an aggregator) is not an LBS Provider,
nor are the wireless carriers LBS Providers; instead, a party
that uses an aggregator’s data to make an LBS available to
users is the LBS Provider.
Example 5. A wireless carrier that provides its customers “on-
deck” access to a mapping service provided by a separate
software developer is not the LBS Provider even if it provides
the location information used by the third party; instead, the
software developer is the LBS Provider.
Caveat: The examples are illustrative only and do not imply
that compliance with the Guidelines alone permits such
uses or services. The terms on which access to location
information is made available from wireless carriers to third
parties, or the terms under which applications are made
available to users, are beyond the scope of the Guidelines.
Section 3 – Scope of Coverage
The Guidelines apply whenever location information is linked by the LBS Provider to a
specific device (e.g., linked by phone number, userID) or a specific person (e.g., linked by
name or other unique identifier).
The Guidelines do not apply to location information used or disclosed:
• as authorized or required by applicable law (e.g., to respond to emergencies, E911,
or legal process);
• to protect the rights and property of LBS Providers, users or other providers of
location information;
• for testing or maintenance in the normal operation of any network or LBS; or
• in the form of aggregate or anonymous data.
Section 4 - Specific Guidelines
A. Notice
An important element of the Guidelines is notice. LBS Providers must ensure that potential
users are informed about how their location information will be used, disclosed and
protected so that they can make informed decisions whether or not to use the LBS, giving
the user ultimate control over their location information.
The Guidelines do not dictate the form, placement, terminology used or manner of delivery
of notices. LBS Providers may use written, electronic or oral notice so long as users have
an opportunity to be fully informed of LBS Providers’ information practices. Any notice must
be provided in plain language and be understandable. It must not be misleading, and if
combined with other terms or conditions, the LBS portion must be conspicuous.
If, after having obtained consent, LBS Providers want to use location information for a new
or materially different purpose not disclosed in the original notice, they must provide users
with further notice and obtain consent to the new or other use.
LBS Providers must inform users how long any location information will be retained, if at
all. If it is not practicable to provide an exact retention period, because, for example, the
retention period depends on particular circumstances, the LBS Provider may explain that to
users when disclosing its retention policies.
LBS Providers that use location information to create aggregate or anonymous data by
removing or permanently obscuring information that identifies a specific device or user
must nevertheless provide notice of the use.
Example 6. An LBS Provider could create a dataset of
mobile Internet users registered in a particular geographic
or coverage area by removing or “hashing” information that
identies individual users from the dataset so that the LBS
Provider could provide location-sensitive trac management
Best Practices and Guidelines for Location-Based Services 4
information or content to a highway safety organization.
Notice that the LBS Provider creates or uses aggregate or
anonymous data is required.
LBS Providers that share location information with third parties must disclose what
information will be provided and to what types of third parties so that users can understand
what risks may be associated with such disclosures.
LBS Providers must inform users how they may terminate the LBS, and the implications of
doing so. LBS Providers also must ensure that any privacy options or controls available to
users to restrict use or disclosure of location information by or to others are explained to
users.
Example 7. An LBS Provider that offers a social networking
service might provide a mechanism for the user to establish
permissions for when, where and to whom his or her location
information will be disclosed. The notice to the user could
include a statement to the effect:
“You control who will receive your location information. In
‘settings’ on the menu, you can select contacts you wish
to block or enable all the time, or you can select a manual
option to review a list of contacts each time you disclose your
location.”
LBS Providers must periodically remind users when their location information may be
shared with others and of the users’ location privacy options, if any. The form, placement,
terminology used, manner of delivery, timing and frequency of such notice depends on
the nature of the LBS. For example, one would expect more reminders when the service
involves frequent sharing of location information with third parties and fewer reminders,
if any, when the service involves one-time, user-initiated concierge service calls (e.g.,
locating a nearby service). In addition, depending on the circumstances, the use of an
icon or other symbol to disclose when location information may be shared may be a more
eective means of reminding consumers than a written notice.
In some circumstances, account holders (as opposed to users) may control the installation
and operation of LBS. In addition to providing notice to the account holder, LBS Providers
still must ensure that notice is provided to each user or device that location information
is being used by or disclosed to the account holder or others. Once again, the content,
timing and frequency of such notice depends on the nature of the LBS.
Example 8. An LBS Provider provides an LBS to a business
customer with multiple devices used by employees in the field.
The LBS Provider could satisfy its notice obligation by direct
notice to each device that location information is being provided
to the business customer. Alternatively, pursuant to a contractual
obligation between the LBS Provider and the business customer
to do so, the business customer could inform its employees that
it will receive user location information.
B. Consent
1. Form of Consent
LBS Providers must obtain user consent to the use or disclosure of location information
before initiating an LBS (except in the circumstances described below where consent
is obtained from account holders and users are informed of such use or disclosure).
The form of consent may vary with the type of service or other circumstances, but LBS
Providers bear the burden of establishing that consent to the use or disclosure of location
information has been obtained before initiating an LBS.
The Guidelines do not dictate the form, placement, terminology used, or manner of
obtaining consent as long as the consent is informed and based on notice consistent
with the requirements set forth in the Notice section above. Consent may be implicit,
such as when users request a service that obviously relies on the location of their device.
Notice may be contained in the terms and conditions of service for an LBS to which
users subscribe. Users may manifest consent to those terms and conditions electronically
by clicking “I accept”; verbally by authorizing the disclosure to a customer service
representative; through an IVR system or any other system reasonably calculated to
confirm consent. Pre-checked boxes that automatically opt users in to location information
disclosure, or, choice mechanisms that are buried within a lengthy privacy policy or a
uniform licensing agreement ordinarily would be insufficient to express user consent.
2. Account Holder Consent
In some cases, where the actual user is different than the account holder, an account
holder may control the installation and operation of LBS (e.g., business account holder
utilizing LBS for fleet management; parental account holder providing phones for children’s
use). Under these circumstances, the appropriate consent may be obtained solely from
the account holder. As noted above, however, LBS Providers still must ensure that notice is
provided to each user or device that location information is being used by or disclosed to
the account holder or others.
The following examples are illustrative of account holder
consent upon which the LBS Provider may rely to use or
disclose users’ location:
Example 9. Fleet Tracking/Employee Monitoring: A business
entity purchases multiple lines to permit tracking employee
locations to provide for rapid response repair service, just-in-
time delivery, or fleet management.
Example 10. Public Safety: The LBS Provider enters into
an agreement with a public safety organization to provide
monitoring compliance with terms of supervised release and
house arrest, terms of bail for bondsmen, protecting public
ocials on duty, or military force movements.
Example 11. Parental Controls: The LBS Provider oers a
service to notify parents when a child arrives at or leaves a
designated place.
Example 12. Family Safety: The LBS Provider oers a family
safety feature to locate family members in an emergency or
other specied circumstances.
3. Revocation of Consent
LBS Providers must allow users to revoke their prior consent to use or disclose location
information to all or specified groups or persons.
Example 13. User signs up with an LBS Provider for a service
that provides updates regarding user’s location to a group
of “friends” designated by the user. The LBS Provider must
provide reasonable mechanisms for the user to discontinue
such location sharing with the group at a later date.
Where technically feasible, LBS Providers may provide for selective termination or
restriction of an LBS upon account holder request. An account holder may revoke or
terminate all or a portion of any users’ consent to an LBS.
Example 14. User signs up with an LBS Provider for a service
that requires user’s wireless carrier to periodically disclose
user’s location information to LBS Provider. User is a minor
and the mobile device is one of several on the account of
the wireless carrier’s account holder who, through controls
provided by the LBS Provider or upon request to the LBS
Provider, decides to block the LBS or disclosure of user’s
location information to third parties. The account holder’s
election with the LBS Provider revokes the user’s consent.
Similarly, revocation of consent also occurs when certain
controls for sharing location information are provided by
a wireless carrier, and the account holder of the wireless
carrier has decided to block disclosure of a user’s location
information to third parties for a line on the account holder’s
account.
The Guidelines do not dictate terms of service that LBS Providers must offer to users
with regard to an LBS. Nor do the Guidelines dictate any technical implementation for
terminating or restricting an LBS.
C. Safeguards
1. Security of Location Information
LBS Providers must employ reasonable administrative, physical and/or technical
safeguards to protect a user’s location information from unauthorized access, alteration,
destruction, use or disclosure. LBS Providers should use contractual measures when
appropriate to protect the security, integrity and privacy of user location information.
2. Retention and Storage of Location Information
LBS Providers should retain user location information only as long as business needs
require, and then must destroy or render unreadable such information on disposal. If it is
necessary to retain location information for long-term use, where feasible, LBS Providers
should convert location information to aggregate or anonymized data.
3. Reporting Abuse
LBS Providers should provide a resource for users to report abuse and provide a process
that can address that abuse in a timely manner.
4. Compliance with Laws
LBS Providers must comply with applicable laws regarding the use and disclosure of
location information, and in particular, laws regarding the protection of minors. In addition,
it is recommended that LBS Providers comply with applicable industry best practices and
model codes.
5. Education
In addition to any notices required under the Guidelines, LBS Providers certifying under
the Guidelines will work with CTIA in an education campaign to inform users regarding
the responsible use of LBS and the privacy and other risks associated with the disclosure
of location information to unauthorized or unknown third parties. All entities involved in
the delivery of LBS, including wireless carriers, device manufacturers, operating system
developers, application aggregators and storefront providers, should work to educate
users about the location capabilities of the devices, systems, and applications they use as
well as to inform them of the various privacy protections available.
6. Innovation
LBS Providers develop and deploy technology to empower users to exercise control over
their location information and to find ways to deliver effective notice and obtain consent
regardless of the device or technology used or business model employed.
7. Compliance with Guidelines
LBS Providers that comply with the Guidelines may self-certify such compliance by placing
the following statement in their marketing or promotional materials:
LBS Provider follows CTIA’s Best Practices and Guidelines for
Location-Based Services.
Appendix – Additional References
CTIA has collected a variety of Location Based Services Privacy Policies that
demonstrate the application of these Best Practices. These policies are available
at: http://www.ctia.org/business_resources/wic/index.cfm/AID/11924