.. ..

>> we are excited for you to be here and your leadership here. we need to talk offline about this great subcommittee, but thank you for being here, and senator kerry, thank you for being here. we have others that are on the way, but i'd like to go ahead and start. i know senator kerry has a limited time here, and my i understanding is senator rockefeller has limited time. let's get underway. i want to thank you for being here and the witnesses for participating today. certainlily, this is -- certainly, this is a very important hearing on privacy in the mobile marketplace. chairman of the subcommittee, i

appreciate your willingness to participate in this very important dialogue. as technology evolves, consumers continue to lose control of their personal information. without question, cell phones have become a part of that trend, and as they have become more and more versatile. today, more than 234 million americans use mobile devices and 73 million americans have smart phones or are expected to own smart phones by the end of 2011. there's hundreds of thousands of software applications known as apps on the markets today. apps allow us to play games, share information with friends, read the news, find the cheapest gas in town. in fact, there's one app that allows people to find the nearest kosher restaurant and nearest synagogue. there seems to be an app for everything, and while their innovation and creativity

defined the mobile app space, we understand that most of the app producers do not have a privacy policy, and the vast majority of consumers who use these apps really don't have any idea about the ways their perm information including their age, location, gender, income, and ethnicity that is contained in their phones can be shared either with the company or with third parties. in other words, while smart phone users may voluntarily submit some information to software applications, it's not clear that americans who own smart phones understand how their information may be used or transferred as a result of the download. in fact, last night, i talked to my two teenage children. both of them have apps that share information. neither of them had any idea that that information was being shared, and i think that's the way most americans are. cons qemently -- consequently, it's not surprises we are facing a new emerging

mobile world lacking basic parameters and best practices. where are the opt out options or where are the privacy policies? that's some of the things we'll talk about today. the mapping of consumers' movements without consent is unacceptable, and application game that transfers a consumers location data to ad networks without informing the user is greatly troubling. while location technology can assist law enforcement, and there's certainly good things about it. it can be helpful in emergency situations, geolocation tracking also poses serious safety concerns. a therapist who works with domestic abuse victims notice a increase in thought in client's cell phones. there's stalkers who exploited the gps system and location information collected by consumer smart phones to track their victims.

the results have been deadly in some cases. demonstrating the highly intrusive nature of some of the technology, one website sells something they call mobile spy software, and it actually markets this product as a completely stealth monitoring program. the website says once installed on a phone, spy is hidden, but logs calls and texts to the server, and then the snoop can log in and see a complete record of incoming calls and timing of the calls and read text messages both sent and received. i want to hear from our witnesses today about risks that consumers see when their information is collected and reported. the consumers' understanding of what information is being collected or transferred through mobile apps, the extent of

geolocation informs collection among privacy concerns with an emphasis on children there, and how companies are working to relay these concerns and suggestions for enforcement of basic privacy rights and security policies and standards in the new apt economy and online mobile world. with that, i'll turn it over to the ranking member and let you say a few words, and then we'll call up senator kerry. >> senator, mr. chairman, thank you very much. thank you for welcoming me to the committee. this is a new and exiepting opportunity for me. i look forward to serving with you, and i thank you for scheduling this important hearing. this is a very important topic, and i commend you for doing that. unfortunately, i became ranking member just in the last couple of days, and prior to that had a previously scheduled conflict,

so i can't stay, but i wanted to make an opening statement if i could quickly, and again, commend you for doing this. like most americans, i'm protective of my personal information, and i believe i should have control over who accesses that information, how it is accessed, and ultimately how it's used including by commercial entities. as the father of young children, i'm very concerned about protecting their identity and safety, especially when they use mobile devices and other online applications. more children are accessing online services through home computers and mobile devieses than ever before and have parents well-informed on protecting their children is a goal i'm sure we all share. recent revelations that apple iphones store information without concept may have leaked profile information to advertisers is a cause for concern. these and other incidents led congress to question whether the federal government has a general

interest in increasing its role in regulating this space. i commend you for taking swift action to correct the problem. i prefer to see the industry self-regulate and i'm eager to learn from witnesses on the measures put in place to safeguard against possible future consumer harms. i think everyone here knows very well the mobile market place is growing and changing rammedly. we have -- rapidly. we have access to speeds and applications completely unimaginable just a few short years ago. apps for smart phones have turned into a multibillion dollar business as consumer demand is clearly strong. in our important efforts to protect consumer privacy, i just hope that we won't lose sight of the many consumer benefits comes from the innovative technologies brought to market by the companies we'll be hearing from today. as the chairman indicated in his comments, low case based services provide conveniences

that consumers would not have if a particular app did not have access to some level of perm information. before we take action, it's important to find the right balance that protects consumers' personal information while at the same time allows continuing constructive innovation to occur. at this point, i'm not sure where that line is to be drawn, and i would caution against passing legislation with unintended consequences. i hope the hearing today sheds light on this important question, and, again, mr. chairman, i thank you for succeed yuling -- scheduling the hearing. >> thank you very much. we welcome the newest member to the committee and to the senate, senator heller, thank you for being here. go ahead, senator kerry. >> well, thank you, thank you both, chairman. welcome to our new members on the committee. mr. chairman, thanks for holding this hearing today.

it's obviously one attracting a lot of interest. it's a lot of money on the line, a lot of business, a lot of business practices, and also a lot of vams, personal -- values, personal interest of americans, and while today's hearing is obviously principally about mobile phones and the apps that come with them, which are quite extraordinary in which we all use and benefit from in a lot of ways, it's also important, i think, to put the mobile phone and apps in the context of the larger discussion about privacy itself. i don't think there's anybody on the committee or in the country or in the world who doesn't marvel at the power or extraordinary potential that we are currently living and that we will live in the future with respect to the interpret. it's constantly innovating and moving, and i'm personally, and

i know the chairman, senator reck feller and like wise us on the committee worked hard and long with respect to the national broadband plan as well as the issue of releasing for spectrum for broadband because we want to see the potential for the internet released all across the country as broadly as possible. unfortunately in the united states of america have been going in the wrong direction. we used to be number four in the world in terms of broadband reach, and now we're 16-20, depending on who you listen to. that's an appalling comment and one to take note of as we think about this. i also support investments in research and development and a bunch of other things that will contribute to the startup of different businesses and firms that are going to unleash our economic potential. we all in this committee understand the automatic

instinct inside a lot of companies interested in this which says, hey, washington, just leave us alone. we'll do fine. we'll make this work, and the internet will grow. over the years, i think most of us in this committee have been guided by the belief that in a technology market that is moving so rapidly, that's the right approach in most cases. i've certainly stood by net neutrality. i've stood by no taxation. i have advocated for open as an architecture as possible in order to unleash the full measure of creative energy and entrepreneurial activity that brought the wonder to all of us and continues to innovate, and i'm convinced we made the right decision in the 1990s here to protect -- to do things that did

not allow privacy or other issues to somehow eclipse that move for innovation, and i think it might have slowed back then, technology advances, but we're in a different place today. we just are in a different place today, and we need companies like google and apple and facebook to join companies like intel, microsoft, hp, already coming down on the side of common sense, very restrained simple privacy protections. we need industry leaders to engage constructively in these legislative efforts to modernize our privacy laws, to come up to the year that we are in the state of art that we are with respect to the market place because we want the legislation to work for both the consumer and the entrepreneur. now, i've reached out to the

companies that are here today over the last six or seven months, and i appreciate the time they've taken to work with us so far. mr. chairman, i reject the notion, and one of our colleagues just sort of raised the, you know, here's what we want to do, but here's what we don't want to do, e reject the notion that privacy, protection is the enemy of innovation. it absolutely doesn't have to be and isn't. in fact, a more trusted information economy, i believe, will encourage greater consumer prarption, great -- participation, greater confidence in that marketplace, and in turn, more and belter services in a safer commercial environment that is more respectful of other people. in the end, though, not in a heavy-handed overly prescriptive approach, i believe that companies collecting people's information, whether you're a tech titan or not, ought to

comply with just a basic code of conduct. we need to establish what we as a society, in a country that has always valued privacy, what we as a society believes is the sort of basic proper treatment of people's information. i know you can shut off your location services, but that doesn't do the trick because a lot of those services are services we want, and we want to use them, but we also want to know that what's happening to the information is a consequence of using them is properly protected, that we are properly protected as individuals. i don't think you can continue to create or leave it to firms to decide on an ad hoc basis what that level of protection ought to be, and i think that's particularly true in an age when

the mini supercomputers are in our pockets with us all the time and always on, and particularly among young people there's disposition to use most of those apps almost all the time, but it's also true on the computers at home and offline, when we buy groceries, travel, or when we purchase, or whatever, so as we sit here today, mr. chairman, there's no privacy law for general commerce whatsoever. data collectors alone are setting the rules. in s799 the commercial privacy bill of rights that senator mccain, senator clob char and i have established collectors of all information including mobile phone and mobile app companies we're talking about today, and

senator rockefeller's do not track, i think that's a very important issue, and one we ought to be deeply engaged in, and, you know, the votes decide it, but whatever way we go on that, we still need a privacy standard. we still need the basic rules of the road by which everybody agrees we're going to protect commerce, we're going to protect the creative entrepreneurial ability of the internet and give individuals the knowledge by which they make a decision as to how their information is going to be treated. i think that those principles include the idea that regardless of the technology or method used to track americans, they should know when they are being tracked, why, and how long that information is going to be used for, and in what way, and they ought to know with whom that information is going to be shared and be able to reject or accept those practices, and they need legal protections if that respect is not granted to them

with the terms of that arrangement are violated, so i hope, mr. chairman, we'll have a chance at the right moment to tackle this issue within this committee. i think it's a really vie call one -- vital ones to americans and its growing importance. i look forward to hearing from the witnesses in the time i can be here. i apologize i can't be here the whole time, but, thank you, mr. chairman, for affording us the time to make the statements. >> mr. rockefeller. >> thank you. i associate myself with every word and comma, perhaps even a semicolon that you said, senator kerry. i think it's just wrong for people to be wondering about people, you know, we get in the age business, and i will in a minute, but not knowing what's happening to them, not knowing they are, in fact, being tracked, what you said about smart phones are, in fact, super

computers, little supercomputers that tell you -- that tell other people because some of you make this information available to other third parties who use it and sell it and make money from it which is a violation of individual liberties and in my judgment. look, we have 240 million mobile devices used today. 75% of teenagers own a cell phone and talk on them and carry them all the time. 72%, and this is interesting to me, the wording even, 72% of parents say they slept with their cell phones. [laughter] it's a neutral statement, but it's -- [laughter] it also -- >> that's risky. [laughter] >> yeah, but it also shows the intensity of this whole thing. you can't -- it's got to be under your pillow, you just can't be without it. so i think the online privacy issue is not something of an

unintended consequences. i think it's a basic american right and responsibility of the ftc which i do not think has been very aggressive on this, and i know of the users, you know, the big companies and all the apps folks, and not just the big ones, but the little ones with three or four people, but there's hundreds of thousands of them pumping out apps that are totally unregulated, and the question is what do we do about that or what do you do about it or do you want us to do something about it? they have to be regulated because they produce the same things that get people trackedment i think using a mobile device has an expectation of privacy, and in that, the american people are misled, but i think that's part of the compact that you make when you go into that business. the company's before us, apping, google, facebook, i appreciate

they're being here, they are major players in all of this, and this won't be your last visit i hope. in fact, i can assure you it's not your last visit. [laughter] as the online world grows and evolves, the consumer privacy issues grow and evolve with it. the question is is anybody watching and paying attention? we just say, oh, it's not my responsibility. if it becomes entirely the responsibility of the federal government, people won't like that, so how do you work with consumers so that they can understand the information that's being collected about them? they have that right. comes along with the purchase price. they buy the right to privacy. they do not get that, however, and that's what we're talking about today. smart phone applications allow consumers to access information from all over the world, take and share pictures with friends and family by video conferences

on the go and transforms the way consumers use the interpret, record the world with them and share lives with others, but with this no innovation comes the huge risk. as smart phones are powerful, more personal information is concentrated in one place. these devices are not phones, but they are miniature computers. simple actions now do have unintended cons qenszs -- consequences, unintended or intended, i'm not sure, but anyway, a lot of people are making a lot of money off the information they collect without the knowledge of those folks from them. a mother posting a smart phone picture of her child online does not realize that time and date and location information is also embedded in the picture and available to anyone who can get it which is pretty much anybody. a teenager accessing an application may not realize her

address book is assessed and shared with a third party. that is not meant to happen in this country without the permission 6 an -- of an adult. 4-year-olds are not good at that. 9-year-olds are not good at that. they don't know how to do that. maybe we have to do that for them. the third parties view this information this target advertising on individuals. it's very cynical. it's very smart. it's very good business, but it's cynical. it's an abuse of that power. passing on people's profiles, so everything is new as john kerry said, but one thing is clear, consumers want to understand and have control of their personal information. they have that right. that expectation is not being met. it's not being met, so i look forward to what our witnesses

have to say. last week i introduced the do not track online bill of 2011. i think that's a terrific bill. it makes is very simple directing the federal trade commission to establish data by which consumers can tell online companies including mobile applications they do not want their information collected. it takes a click, very simple, and applies to everybody, works on everybody, then the ftc, of course, have to make sure companies respect that choice. mr. chairman, i thank you. >> thank you, mr. chairman. with the committee's permission, what i'd like to do is go to the first panel, and our first panelist today is david vladeck, director of the bureau and your statement is part of the record, your written statement as well as everybody's opening statement

if they want to submit those. i ask you to keep your opening remarks to 5 minutes if possible. thank you. >> chairman pryor, chairman rockefeller, i'm david vladeck. i appreciate the opportunity to talk about the issues in the mobile marketplace. the views expressed in the written statement we submitted represent the commission's views. my oral remarks and any response to questions represent my own views. today's hearing could not be more timely for more important. we're seeing explosive growth in the mobile marketplace. robust wireless internet connections and businesses are innovating and consumers are purchasing and using smart phones at extraordinary rates, and there's no wonder why.

the phones are powerful, multitasking devices that marriage the desk top computer with the personal, always on, and always with you nature of mobile phones. there's no question that these devices benefit consumers, but there's also no question that these devices raise serious privacy concerns. these concerns stem from exactly the always on and always with you nature of these devices, the invisible collection in sharing of data with multiple parties. the ability to track consumers, including children and teens, to their precise location, and the difficulty of providing disclosures and choices on a smart phone small screen. for 40 years, the federal trade commission worked to protect consumer privacy, and we are working hard to protect consumer privacy in the mobile

marketplace, to keep pace with changes in the mobile market, the commission has hired technology gists, has a series of in-house trainings, and assembled a team focused on mobile technology. every consumer protection investigation now examines the targets used of mobile technology. currently, we have a number of nonpublic investigations underway relating to unfair practices in the mobile market place. the federal trade commission's primary law enforcement tool, the ftc act, prohibits unfair or deceptive practices, and it applies in all media, including mobile. last august, the commission charged the public relations company with deceptively endorsing mobile gaming apps in the itunes store. the commission's recent cases against two of the largest players in the mobile ecosystem,

google and twitter, further demonstrates the application of the ftc's privacy framework to the mobile market place. as you know, the commission is reviews whether its privacy framework kept pace with technology change. last december, the commission released a preliminary staff report proposing a new privacy framework that lasts on three recommendations to ease the burden on consumers to protect their own information. first, privacy by design, making privacy at the outset. second, simpler and stream lined privacy choices, and third, transparency, so consumers know what data is being pulled down and who is getting it and who is using it. these principles are especially relevant in the mobile market place given all of the concerns related to the up visible collection -- invisible collection and sharing of personal information like the precise geolocation data of

children and teens combined with the difficulty of providing meaningful disclosures in a small screen environment. the preliminary report also included a recommendation to implement universal choice mechanism for behavior tracking including advertising, often referred to as do not track. the majority of the commission expressed support for such a mechanism. although the commission has not taken a position on whether to recommend legislation in that area, the commission strongly supports the goals of chairman rockefeller's do not track legislation and supports the approach laid out in that bill including the scope of the do not track standard, the technical feasibility and costs and how the collection of anonymous data would be treated under the statute. i also want to commend senator kerry for the work on the commercial privacy bill of

rights and the members of this committee including its chair for their leadership on protecting consumer privacy. at a time when some chirp learn how to play games on a smart phone before they learn to tie their shoes, their commission is reviewing the chirp's online privacy protection act rule to see whether technology changing in the online environment warrant changes in the rule and statute. while the review is still ongoing, remarks at last year's copper round table along with public comments we've received, demonstrate widespread cop census that -- consensus that the rules were written broadly enough to encompass most forms of mobile communications without the need for statutory change. in closing, the commission is committed to protecting consumers in the mobile sphere through law enforcement and working with industry and siewcial groups to develop

solutions that protect consumers while allowing for innovation. i'm, of course, happy to answer any questions. >> thank you very much, and because we have a full committee here, almost a full subcommittee, i just want to ask a couple questions and i'll turn it over to the colleagues. thank you very much for being here. you mentioned that this is a small screen world, and even when you have a large screen, and you get all these privacy notices and agreements that are online, ect., there's a lot of verbiage there you have to go through, so it seems to me we have a particular challenge in the small screen world to have meaningful disclosure. have you given that much thought, and do you have a solution on that? >> well, we have addressed this issue in the privacy report, and one of the reasons we did this privacy rethink at the outset was because even on big screens, privacy policies are often indecipherable to consumers and

translating that to the smart phone world where a consumer might have to click through a dozen or three does -- dozen screens doesn't make sense. we have clear disclosures that tell consumers the fundamental information they need to know. what data is being taken for what purpose and by whom. those are the three essential questions, and we think -- >> bottom line disclosure? >> bottom line disclosure just in time. >> okay. let me ask you about the geolocation trackings ability. is there a particular reason why geotracking would be available in some apps? >> well, in some apps, if you're using a map fungs, geolocation enhances functionality. that doesn't explain why other apps that do not need

geolocation data for functionality are nonetheless pulling down data, and that's part of the problem. you have a prompt on some phones on if you want to share your data, and you say no, then you can't use the app. that's back to senator kerry's point. you want functionality, but you want to know who gets access to the data. is that access used to enhance the functionality, or is it sent to add networks and -- ad networks and advertisers and so forth. that information is not available to consumers. >> in my experience has been when i talk to people about this, they have no clue that this data is being transmitted or shared with anyone. they have no idea. do you have any statistics on what people know now? i mean, stl any way to -- is there any way to know contactually what people understand --

people understand now? >> most people don't know, and there's a reason for that. people are not told with whom the data is going to be shared, and so it's hard to point the finger at the consumer. the consumer just has no way of knowing that on most apps. >> thank you, and now the order of -- that i was going on call on folks, chairman rocer feller, and the early bird rule -- >> i can be at the end. >> no, you're not. mr. chairman? >> okay. since 2000, this has been in effect. it prohibits companies targeting children 12 years old on

younger. it is widely disregarded, do you agree? >> i don't know whether i would agree with that. we do fairly aggressive ens forcement. we had a settlement against the largest children gaming company, the largest civil penalty -- >> they were disregarding it at least? >> and the order applies not simply to the internet -- >> i know this would not be available without parents' consent; correct? >> it shouldn't have been available, correct. the violation was retaining information without parental concept. >> there's applications available for iphones and android phones. they qualify in my mind as an

online service, but i don't know if they qualify in their mind as an online service. >> we held a workshop in june of last year to discuss exactly these issues, and i think there was widespread con consensus for example to use your illustration that mobile apps are an online service and therefore covered. we reenforced that with our order which makes it quite clear that mobile delivery of these apps is covered by the order and subject. >> that act requires -- you have to provide conspicuous notice, conspicuous notice on what personal information is collected and how it is being used? >> that is what the statute says. >> that is under the law. receive parental concept and provide parents with all information collected about their kids. now, any of these provisions, a

violation of any of them, constitutes a very bad thing under the federal trade commission's act, so the question is such violations are subject to civil penalties, how much do you go after these folks? >> well, as i said, we have done quite a number of cases lately, and we have a number of investigations ongoing into the mobile space including apps direct the to children -- directed to children. >> all right. i presume you believe apps directed to kids under 13 are covered by copa? >> that is correct. >> apps designed towards kids with cartoon characters and games are collecting information at times without adequate disclosure, would you agree? >> i believe that is correct.

now copa has been an effective tool to protect prief privacy online. now, given the growth of mobile devices by children, even to the age of 4, what is the ftc doing to make sure that apps are compliant? >> well, we're doing two things. one is as i mentioned before, we are looking for good enforcement targets in this space, and we will be bringing other enforcement cases. >> what do you mean "looking for good enforcement?" >> cases like playdom violating substantial portions of the act, and hundreds of thousands of kids were playing these online games. in part of what we do in the enforcement is try to send a clear message to industry, playdom was a very big player in this field, recently acquired by the disney corporation so -- >> so the f -- after you all

testified before this committee last year, on your plans to review copa rules, one of the issues discussed at that hearing was the rules applicability to mobile apps. the comment period closed last july. >> that is correct. >> and so that's, i think, about a year later, so i'm kind of curious as to what you're doing to make up for the lost ten and a half months. >> well, with all do respect, the time has not been lost. it raised public policy issue, and we want to get this right, and so you can expect something, you know, we hope to get something out in the next couple months. >> i hear that so often in government. people have to put out rules, put out regulations. we hope to get that out in

several months, but in the meantime everything is okay. >> i'm not saying everything is okay, mr. chairman. please understand -- >> you are being active in the meantime. all i'm saying is get the rules out. >> we hear you loud and clear. >> thank you. >> thank you. senator kerry. >> thank you very much, mr. chairman. thank you for being here. to what degree is it true that right now absent some kind of promise to the contrary, any kind of company or a mobile phone or an app operator, hotel website, whatever it is, that they could do whatever they want with the personal information they have collected, and they have the individual would have no right whatsoever to tell them to stop or to control what they are doing with the information? >> well, if you're asking what the individual could do, that may be a question of state law and federal law.

if you are asking what the federal trade commission can do, our principle tools are deception and unfairness. in the absence of a privacy policy, it makes things more difficult for us because our jurisdictional hook would be the unfairness prong generally, would be the unfairness prong of our authority, and while i wouldn't rule out our ability to take enforcement actions in the absence of any commitment of a privacy policy or another statement, that makes things more difficult for us. >> do you know of a law or standard in some state that's been applied? >> i don't know. i've never taken a comprehensive look. >> you guys have not surveyed that to determine what kind of rights people may have? >> when i say me, i was speaking just for myers. it may well did our staff has done that. if so -- >> let us know. >> i'd be glad to provide that to you, yes, sir. >> whether or not you have --

you raised this question of sort of where the ftc can go with respect to an an fair trade practice saying if somebody makes a promise to a consumer, but do something other than the promise, you have a right to do something. absent that, do you have any capacity to assure compliance across the hundreds of thousands of different companies in the country with respect to privacy for consumers? >> we do, yes. the practice is an unfair one under our statute. >> what's the definition of that? what's the standard applied to that? >> well, it has to cause or threaten to cause injury to consumers, that the consumers themselves could not avoid, and that the cost to consumers would outway what benefits accrue. >> have you made judgments broadly whether or not in fact it is unfair per se for this

information to be given to a third party for instance? >> we have not made that. >> why is that not something to think about? >> let me digress. we have made that exafort in the data security area. if there's a breach, and your personal information is shared as a result of the breach, we apply our unfairness standard in those kinds of cases because you've been injured, you could not reasonably avoid it, and the benefits to the company don't outweigh the cost to you -- sorry. >> no, time is short. i want to hone in on the things out there. supposing you have a government entity and government information would be a separate committee and separate set of concerns, but in a private company and private individual in some right of action, what rights do people have? for instance, in are a divorce

proceeding, could one spouse or another use information from a third party? do they have rights to that? do we know the answer to that? what about a company and the employee is fired on certain practices and you want to trace it on the company's phone or their phone, either way -- >> you just sort of chronicalled all the reasons we think geolocation data is so special and important because under state law those things they be available or there may be no one to share them, and largely the cost of the examples you've given, we think geolocation data should be treated as special data like data children, health, finances, data that deserves special protection. >> with respect to do not track, do not track applies to third party; is that correct?

>> the way we defined it, yes. when you move across websites and you are tracked, that's what we consider to be third party tracking. >> so are apps operating on iphones on android phones first parties or third parties? >> well, again, it depends on how the app functions. if you pick up the new york times app on your phone and you read the "new york times," if you then, you know, if you then click on the facebook like button, it raises difficult questions. >> the bottom line is if they are treated as a first party, then do not track would not apply any new standard whatsoever with respect to privacy protection for that particular app; correct? >> that's correct, right. if you're not moving across websites, but on some apps, you

can do that, and that's why implementation of do not track for apps, not mobile browsers, but apps raises different questions. >> sorry, mr. chairman, i want to emphasize the need for sort of broader, any numbers of reasons, but i think this underscores why you need that basic standard and code of privacy and welcome back at another time, but thank you for time. >> thank you, senator kerry. senator klobuchar. >> thank you very much. i have a proposition, not nearly as sexy of senator rockefeller's statement of 72% of americans sleeping with their cell phones. i just can't get over that. 77% don'tment to share their location data with app owners and developers. we need rules of the road. senator kerry mentioned a bill we've been working on, and i also believe that we need to

make sure that we're going after bad actors and people who hack in and working on a bill with senator hatch on cloud computing that we're going to put out shortly, and the third is that personal choice also plays a role here. some consumers may be more comfortable with data sharing more than others, but we have to make sure they are the ones ail to make that choice, and that gets to my first question here about privacy choices to consumers. currently, how simple and clear is the typical privacy policy to the average consumer? >> not much, not very. >> okay. how valuable do you think a streamlined policy agreement would be when -- in moving forward trying to set best practices? >> we discussed this in great detail in the privacy report, but we think privacy policy, particularly on smart phones, need to be short, clear,

and concise and be delivered when the decision about using the app or sharing information is made. >> and that is not the truth now? >> that is not generally the way they are delivered at the moment. >> okay. secondly, and senator kerry was touching on this, but i know one of the most popular things in our household that congress did is the do not call registry years ago, and now we are working with senator rockefeller on the idea of do not track for mobile phones. what feedback have you received from consumers on the do not track? >> we've gotten positive responses not just from consumers who overwhelmingly supported the do not track feature, but as you know the browser manufacturers and the advertisers are also gravitating to do not track. it's hard to argue in favor of a business model that depends on conceiving consumers, and so i think there's a great deal of

movement towards giving consumers easy to use, easy to find controls over their own data. >> and what do you see as the challenges in implementing do not track on mobile devices? >> well, i think the only challenge as you put it is impolicemen traition of -- implementation of do not track on apps. on browsers, the technology is the same. why we brought on ed fellton, a prince toll computer science professor is to work through the implementation issues. >> and how does the ftc's proposal differ from what apple and google are currently doing with their smart phone operating systems? >> on do not track? >> on do not track. >> well, they would differ significantly. i mean, the problem that we face now is that there are browsers that are being adapted to essentially try to clear cookies

and send signals to advertisers basically saying do not track us. until the advertisers agree to be bound by this and sign up in significant numbers, you know, if that doesn't happen, senator rockefeller's bill started the clock. i think that the business community knows that at some point sooner or later there will be a do not track requirement, and so i think they're trying to figure out how to do this. >> okay. and last question, does the ftc currently have the authority that you believe you need to prom mull gait regulations in the ever-changing far more sophisticated world, and do we need to do anything more here? i mentioned bills, but in terms of just giving you authority. >> well, answer in two ways. first, we do not normally have pa rule making authority. we do not really have the

capacity today to promulgate regulations in this area. second though, the commission has not sought that specific authority from congress. i can't speak for the commission on that issue. >> all right. thank you very much. >> thank you. senator blunt. >> thank you, chairman. one, with do not track, how would apps work? for an app to work, don't you have to track? >> there are apps that when we say track -- >> maybe apps is broad, but for a lot, don't you have to track? >> again, there's confusion about tracking in the mobile because it takes on two meanings. one is being followed from one website to another. that's tracking on the internet. >> right. >> of course in the mobile, there's an additional complexity because you can be physically tracked. >> that's what i'm asking. >> okay.

i digress. many apps that use geolocation data for functionality purposes you need to enable the geolocation figures on your phone to use that. our concern is not with respect to the app developer pulling down geolocation data, for example to make sure the map function on your phone worked. >> right. >> it's that there are other apps that are pulling down geolocation data which has no relation at all to functionality, and oftentimes the consumers is unaware that the geolocation data is being pulled down or that once it's pulled down, it's being shared with ad networks, companies, and this ecosystem behind the screen the consumers are unaware of. >> in rule making, how hard would it be to reach that definition of where you are not -- you're not allowing tracking for some things, but

you understand it has to happen for others? >> well, i think that the litmus test would be functionality. as i just explained, we don't have rule making authority in that area, so to the extent there's definitional questions that need to be resolved across the board, industry is going to have to do that or this body has to do that. >> these questions about employees and divorce cases and things like that, how is this geolocating data retained? is it in a way that you really could go back and sort out what the individual involved not agreed to that for some significant period of time or not? >> well, there are state law cases involving divorce and other issues in which geolocation data has been subpoenaed not just from the wireless companies, but from other companies and used in court proceedings, so, yes, it -- the analytic data --

>> has been done and can be done? >> i believe that is the case, sir. >> what about data security breach? something else you mentioned. is that more likely within the current environment than if you had a lot of privacy sign offs and on the opt -- opt out and all that? >> the commission long called for legislation to enhance both the privacy protections, the safeguard companies are required to use when they store sensitive information such as geolocation david data and give public notifications of breaches. the concern we have is the more data of this kind, data that's special because of the consequences of exposure can be, the more companies need to protect it and make sure they are not subject to breach, and so these two issues are related. the more sensitive data companies collect, the more we ought to require them to put protections in place to

safeguard that data. >> i'll ask the companies this later, but i'm wondering how actually individual specific those are in terms of any collection matrix that the company does, or do they just have a big universe of people that have gone to a certain location or something that they then contact that universe? >> well, i mean, "wall street journal" did an article on this precise issue a couple of months ago, and the data is so robust, there are now algorithms to guess where you will be next, so -- and this, of course, is hip thet call -- hypothetical, but if you play golf every wednesday afternoon and call in sick, it's not inconceivable your employer can get that data and decide maybe you should not golf every wednesday. >> maybe i need that because i have not been able to guess where the senate's going to be next. [laughter] maybe i need to figure out that

algorithm that lets me know what we're doing tomorrow. thank you. >> thank you so much. >> thank you. senator mccaskill. >> one of the things missing from this is the value that a lot of this activity provides to the consumer. i'll give one example. the value of being able to low case where this is is very important to my privacy because they now have the technology that if this gets stolen from me or if it gets left j, i can remotely go and wipe it clean. that protects my privacy. that is incredibly important to me because frankly, i don't want people in here, and so have you all looked at the value that has come to the consumer both from the robust technology that's been developed and the incredible ability we have to do so many things, the fact that

it's free, or almost free, i mean, you pay for some apps and some have geolocations, most of them don't, and what it provides is an amazing internet experience primarily funded by the marketing, anonymous behavioral marketing, so what studies have been done to show the benefits? i think most consumers frankly asking if i want privacy, is like asking if i love my country. of course i want privacy. we did hipa, and we sign the paper at the doctor's office, and don't get much out of it. i'm trying to make sure going down this road that we are informing the consumer of yes, there are things we need to do on privacy, and i'm all for some things, but i'm not sure the consumer understands the value they get. have you all talked about that? >> well, we have, and this was part of the data collection

effort we do as part of our privacy review. i think that, you know, i think there's no disagreement that consumers value tremendously the flexibility and the capacity, the almost unimaginable capacity these phones bring or the tablets bring to our lives. nobody's suggesting that we turn the clock back. the question really is is do we have a system that's more transparent, that helps consumers understand that there are costs as well as benefits, and one of those costs is, you know, you are absolutely correct, the behavioral advertising is a source of revenue that funds and many apps are free, they are free, but supported by the advertising revenue. >> thank you. it made the whole internet free is behavioral marketing, so i'm anxious what do you think the new business model will be? >> well, i think most consumers,

and when we talk about do not track, we're not talking about an all or nothing choice. one of the reasons the advertisers are engaged because they acknowledged for years they should not target consumers who do not want to see dargted ad -- targeted ads, so they are comfortable with a business model in which the consumer have choice, but the question is how many consumers will opt out completely? i think if the choice is rightly explained to consumers, the choices to get ads they may be interested in versus ads that are delivered to them at random k i think most consumers opt for targeted ads provided that the ads, the information collected for the ads will not be used for purposes other than deliver targeted ads, the whole secondary use issue is an important one, and they'll have control over the ads. i, for example, don't have to

get the pesky rogaine ads anymore. [laughter] i think that's the kind of choice and control consumers are really looking for. >> i just want to make sure that we have looked carefully at what the costs are and carefully at what impact it's going to have on the most successful part of our economy in this country, and i think for us to be -- to go down this road and not really be sure that we are going to inform the consumer that some of the benefits that they take for granted right now could very easily go away if we are # not very careful and cautious what we do here. ..

we believe that we have the authority. i need more people. [laughter] >> thank you. now i want to ask my rounds i still have two minutes left on my questions, and what i'd like to do is go ahead and finish my questions and then move to the next panel because we have several witnesses who are here and want to speak. but let me just ask a couple follow-ups with you before i let you go. one is just an open-ended question that i don't need an answer to today but it's something we need to think about. that is when it comes to

children, should there be special privacy protections for children? and i think that is a hard one to practically put that into effect but it's something we need to think about and we would love to have your help on that as we think through. secondly, this is something i want to ask the next panel. but if a person removes an application does any of the software stay on their phone? >> i don't know that answer and i will have to get back to you. >> duralast the second panel as well. the third thing before i let you go is i am concerned about the in net purchases, and i know that i've written a letter to the commission on that. would you mind giving one minute on the purchase is and where you think the industry is on that? >> we are engaged in a number of nonpublic investigations. i think the simplest way to put it is no parent hands a child a phone with a game expecting to

run up a bill of more than a penny or two, and we have of course seemed parents presented with the bills in the hundreds of dollars. we are quite concerned about that. we've registered our concerns and we have both of the act manufacturers and everyone else involved in this system and that is an issue that we are pursuing. >> went to thank you for your attendance and testimony and i am certain some of my colleagues will have more questions for the record as we would love for you to work on the staff getting this back when you can. >> it's our pleasure. >> i would like to excuse this panel and bring up the second panel. and in order to save time, i'd like to go ahead and do the very brief introductions as they are getting situated. we have five witnesses on this panel. we have brett tayler, chief technology officer of facebook,

we have morgan reed, executive stricter of the association of competitive technology, we have catherine, the vice president worldwide government affairs apple incorporated, and we also have al lynn davidson. come out and grab a seat. a director of public policy for the americas google incorporated, and we have amy, president chief operating officer of common sense media. so, as the staff is getting them set up, we appreciate you will begin here and your testimony, and as i said with of the previous panel, you're written statements will be made part of the record so if you want to sort of streamline that and do it in under five minutes i think the committee would appreciate that. but why don't we go ahead and start with you, mr. taylor, and if you could give your statement

again, if i for one to keep it five minutes or less the would be great. mr. taylor. >> thank you. chairman rockefeller, chairman pryor, ranking member toomey, thank you for inviting me to testify today. mobile phones in the internet bring a tremendous social and economic benefits. just a decade ago most online content was static and accessed for desktop. today the internet is an interactive social experience defined by a person's connections, interests and communities and thanks to the explosive growth of smart phones and multiplications people can access personalized social web wherever and whenever they want. with that comes legitimate questions about protecting personal privacy on the web and we are grateful to discuss the mothers to cultures today. everyone has the key role to play keeping people safe and secure online. bye giving them control the information they share and the connections they make.

these are particular concern to me. we understand that trust is a foundation of the social web people will stop using facebook as the los trusten the services. at the same time, overly restrictive policies can interfere in the public demand for new and innovative ways to interact. for facebook, getting the balance right is a matter of survival. this is why we were to develop privacy safeguards without interfering in people's freedoms to sharon connect i want to address five mean points which are covered in more detail and by written testimony. first, the openness of the internet is a catalyst for innovation. the openness is what enabled marks of gerber to launch facebook from the college dorm room in 2004 and it now allows more than a million third-party developers to offer nearly infinite variety of services to the facebook platform. in addition the social web is an engine for jobs, innovation, investment and economic growth. big companies and small businesses are hiring individuals to manage the social

media outreach strategies. entrepreneurs are building business models based on the social web. but the internet open architecture also creates technical challenges for the transfer of data. facebook is leading the way in developing new technologies to make the social experience more secure. second mobile technology plays an increasingly important role how people use facebook and the social web. facebook to ensure seamless experience across the web and mobile services and over 250 million people access facebook on mobile devices every month. we are one of the few internet companies to extend our privacy controls to the mobile interfaces providing the same controls on the mobile locations as we have on the web site. as an adult will change as the proceedings on there from those will change the settings on facebook dhaka, and every other device the user may use to access facebook. we have bill frist privacy protections in the facebook and global offerings. because each individual privacy

preferences are different we cannot satisfy people's expectations by adopting a one-size-fits-all approach. instead, we strive to create tools and controls that enable individuals to understand how sharing works on facebook and choose how broadly or narrowly they wish to share information and the time they are sharing it. in particular, we use privacy by design practices to ensure privacy is considered throughout the company and product. we are currently testing the new more transparent privacy policy that communicates privacy and symbol interactive way. our context will control allow people to easily decide how broadly the want to share a particular piece of the information. our sophisticated security protections including a onetime passwords, remote log out and look and notifications are state of the art. and we continually engaged in the facebook community to evaluate and improve services in the privacy safeguards we offer. fourth, we work to build -- we worked to build trust on the facebook platform which enables

independent developers to build a social experiences on facebook as well as other locations around the internet. we believe that individuals should be empowered to decide whether they want to engage in some, many or none of the sword to be cut third party services. for this reason we treated industry leading tools for transparency and controls the people can understand what data they are sharing and they can inform decisions of the applications and web sites they decide to use it we also encourage community policing some individuals, employees and developers can help identify issues. they are available across the entire facebook experience and will look occasions and on facebook dhaka. for the independent developer sue use the facebook platforms, we expect and require them to be responsible stewards of the information they obtain. we have robust policies and technology tools to help them increase the responsibility and work to always do more. last year we worked with other industry leaders to build the open standard for authentication

that improves security on the internet. now that it's mature and has broad participation around the industry we are requiring developers on the platform to migrate read the transition will result in better and more secure relationships between developers and individuals who use the applications and the websites the build. finally, we use the position in the industry to encourage others to play their part in safeguarding the public trust whether it is developers, users, browsers or operating system designers to read we also support government efforts to take action against bad actors and highlight important issues like today's hearing. everyone has a role to play in building in securing the mobile online environments enriching people's lives each day. thank you for the opportunity to testify and i look forward to answering your questions. >> thank you. mr. reed? >> thank you, chairman pryor, ranking member toomey and distinguished members for the opportunity to speak with you today. as executive director ira

present over 3,000 developers and small business entrepreneur as many human rights apps for smart phones and towelettes. often when we consider the issues in this setting, we do it to look at the impact it will have on the country at large and we talk in broad themes and big ideas but today i would like to start off differently. breaking it down to the smallest of the small specifically my point size to five-year-old. my daughter is learning to speak chinese, granted she's doing it because doud wants her to the oil and let her use an old smart phone, i floated on the chinese language learning apps and she has gained that help recognition and even one that let her take pictures of a character and gives her a translation. i recently have seen a demo of an application that will allow her to take a picture of an object and get a translation audibly. these are the applications that won't make the cut on the desktop computer if for no other reason at least for my five year old will never sit still. many of them or 99 cents, none were more than $5.

when she gets older she and i will do is the star what at which uses location information to show a real time map of the night sky. mobile apps like these open the world's of learning for kids and adults in ways that are not imaginable five years ago and there are thousands of similar stories to mind. over 500,000 apps are available on the mobile platforms today originated less than four years ago the economy will grow $5.8 billion this year in the next four years the total was expected to reach 37 billion if you include services we expect to hit 50 billion. this is a remarkable american success story in a time of economic uncertainty. a developer account for the vast majority available in the market today creating opportunities for the country while also exporting popular programs abroad. 88% top 500 were written by small businesses and vast majority of these microbusinesses with less than ten employees. more importantly, this is not a

silicon valley phenomenon. in fact, scott bebb will develop a series of acts in bentonville arkansas. we got thomas west virginia, we've got more hit minnesota and critical faults in st. louis missouri. this is the true geographically diverse nature of the new economy and while apple stores and are helping small businesses grow they provided the user with tools to protect their personal information for the smart phone my daughter deutsch is shy enabled most of the privacy settings on the device to a different location services and restricted her purchases and disabled her ability to add or delete applications. as she gets older the features i enable will grow with her maturity. while the privacy protection of the handset is a place to start, we in the ad community know and are doing more to inform and educate consumers about how we

handle their data. accordingly, we have a working group to develop a set of guidelines for mobile location developers to enable them to do a better job in creating privacy policies and also helping them to understand the complexity of privacy regulations to read most mobile applications collect new information therefore require to have a policy. but we feel they should. not because of regulation but because the most valuable asset they have is their trust from the customers. a quick peek at the comment section on any mobile a petition signed are showing how quickly an application can lose favor because it failed to meet customer expectations. we don't want anyone to lose sight of the fact these are hard working in a fit of entrepreneurs who predated citing new products and is committed to ensuring the of the tools needed to avoid the pitfalls of the data mismanagement. but for those few fraudulent makers who misuse consumer personal information, we say throw the book at them. the ftc 3 million-dollar fine against underscored the

considerable enforcement measures available. section five of the ftc at offers government broad authority to go after bad actors and sacked the oversee the marketplace. while the if given a high profile to bad actors in this area i would urge the committee to evaluate the considerable and for some options currently available before creating additional regulatory mechanisms. to often in an emerging marketplace has unintended consequences that can stand development. the last thing we wanted was constrained the industry with tremendous growth where the country has such a clear competitive advantage. let's address that behavior without threatening this uniquely american at economy. thank you very much. >> thank you. ms. novelli? >> good morning on a german writer, chairman rockefeller and members of the subcommittee. my name is catherine novelli 39 vice president for the world wide government affairs for apple. thank you for the opportunity to

further explain the approach to address consumer privacy and protection in the mobile market place an issue we take very seriously especially as it applies to children. i would like to use my limited time to emphasize a few key points. first, apple is deeply committed to protecting the privacy of all of our customers. we have adopted a single comprehensive customer privacy policy for all of our product. this policy is available from the lean, every page of the apple website. we do not share personally identifiable information with third parties to the marketing purposes without our customers explicit consent. as explained in more detail in my written testimony, we require all third-party application developers to adhere to specific restrictions protecting our customers' privacy. second, apple has built an innovative settings and controls to help parents protect their children while using apple products both on and off line.

these controls are easy to use a password protected and can be administered on all products as well as on all of our mobile devices. including a the iphone come the ipod and the ipod touch. they can be enabled quite easily on the itunes store. we believe these parental controls are simple and intuitive. they provide parents with the tools they need to flexibly manage their children's activities and various stages of maturity development in ways that parents deem most appropriate. i provided detailed descriptions and examples in my written testimony. third, apple does not knowingly collect any personal information from children under 14. we state this prominently in our privacy policy. if we learn that we have inadvertently received the personal information of a child under 13, we take immediate steps to believe that information. we only allow itunes store accounts for individuals 13 or over.

apple network is not providing ads to applications targeted to children. and we reject any developer application the targets minors for data collection. apple does not track the users' locations. apple has never done so and has no plans to ever do so. in the recent weeks there has been considerable attention given to the manner in which are devices store and use a subset of the anonymous location database of the power and wi-fi hot spots and to allow the device more quickly and more reliability to determine the user locations. d-tn i written testimony. i want to reassure you to that apple was never tracking individual's actual location from the information residing in this cache file on their iphone. adel did not have access to the cash on any individuals users iphone at any time dhaka.

they give the customers control over collection and use of the location data on all of our devices. they have a master's locations which into our mobile operating system to make it extremely easy to opt out entirely of location based services. the users such as the location services often the setting screen. when it is turned off the device will not collect or transmit location information. equally important, apple does not allow any application to receive the decisis location information without first receiving the the user explicit consent through a simple pop-up dialog box. the dialog box is a mandatory and cannot be overridden. customers may change their mind and opt out of location services for individual applications at any time by using simple on and off switches. again, parents can also use

controls to password protect and prevent access by their children to location services. closing let me restate the unwavering commitment to giving our customers clear and transparent notice choice and control over their personal information through we believe over products do this in a simple and elegant while apple hasn't taken a position on any specific privacy legislation before the congress, we do strongly agree that any company or organization with access to customers' personal information should get its customers clear and transparent noted choice and control over their information we share the committee's concern about the collection and misuse of any customer data and we are committed to continuing to work with you to address these important issues. i will be happy to answer any questions you may have. thank you mr. davis? >> chairman pryor, chairman rockefeller, members of the

subcommittee my name is alan davidson and i'm director of public policy for google and north and south america. thank you for the opportunity to testify at this important hearing and for the committee's leadership and helping companies and consumers grapple with these emerging privacy issues. my visit to the is simple. as we have heard, mobile services create enormous social and economic benefits. but they will not be used and they cannot succeed without consumer trust. that trust must be based on a sustained effort across the industry to protect users' privacy and security. and we are committed to building that trust. first a word about technology. many of us are already experiencing the benefits mobile location services, things as simple as getting real-time traffic maps that help the commune or finding the causes gas station on your car gps thousands of applications use location services to connect consumers and businesses. the postal service offers an application to help the users find post offices and mailboxes.

to confine the closest cheeseburger using the application or friends on four square. the value of location based services extends far beyond convenience. the services can be lifesavers. mobile location services to help you find the nearest hospitals or police stations or let you know where you can fill a prescription at one in the morning for a sick child. and that is just the start. we are now working with partners like the national center for missing and exploited children to explore how to deliver amber alerts about missing children within seconds to the users nearby. the service is reasonable to alert people on the path of a tornado or a tsunami or guide them to an evacuation route in the event of a hurricane as i believe chairman prior you heard in the hearing on the homeland security committee. the adoption of the services has been remarkable. for example the popular google matt services in the past year to 40% of the usage has shifted to mobile devices.

every month over 150 million people now regularly turn to the google maps on their android iphone blackberry or other phone. mobil services have a growing importance in the economy according to the recent market reports the potential economic impact is staggering. they are creating the jobs and new businesses and increasing jobs in existing businesses. here's the thing, to succeed in the long run, mobile services require consumer trust that is based on strong privacy and security protections. at google we focus on privacy protection throughout the life of our products starting in the initial design. we subscribe to the view that by focusing on the user all else will follow. so we use information where it provides value to consumers and implement strong control for information sharing applying the principal of transparency, choice and security. when it comes to mobile services for example we are extremely

sensitive with location information. we have made our mobile location services often only. with the highest degree of care. so here is what works on the android. when i took my and gereed phone out of the box one of the first screens on salles asked me in plain language to affirmatively choose whether or not to share location information with google. a shot of the process included in the testimony and it's on the board at the end of the road. if a user doesn't choose to opt in or doesn't go into the settings leader to turn it on, the phonak will not send any location information back to the googled location service. if the user does often all of the data that is sent back to the consumers are unauthorized and it isn't traceable to the specific user or a device and they can later changed their mind and turn it off. beyond the standard operating system notifies users on a third-party application will be given permission to access

location information. before the user installs the application that we the user has the opportunity to cancel the installation of the fault of information collected. we believe this approach is essential for the location services and it is a good example of how to handle this kind of sensitive information. highly transparent information about what is being collected. often in her choice before the location information is collected and high security standards to analyze and protect information. our hope is that this becomes a standard for the broad industry. the privacy practices i announced are stark. there is more to do. we salute the active role and we commend what you are doing to bring stakeholders together to develop a comprehensive approach to privacy. the issues raised are clearly challenging but finding answers is critical to maintaining consumer trust, protecting innovation and supporting the rapid economic growth generated by the services.

we live for to conversations with the committee. thank you. >> thank you. >> -- protecting privacy in this market the stakes are high especially for the nation's kids. i want to talk about two things today. why is privacy such an important issue and what is the common sense media position on what we must do about it? why is it so important? let me start by saying common sense media increases the technology. one of the beliefs is that we love media, but we and the parents who use the resources are increasingly worried about threats to children's privacy and rapidly changing mobile and digital world. 85% of parents we polled said they are more concerned about privacy than five years ago to read what we also preface by saying that common sense media

understands and appreciates the internet economy and the brilliance of a company's have invented. we live and work in silicon valley. that is why it is so jarring to hear that there can't do attitude when it comes to inventing technological solutions to protect kids. the only offer partial solutions and they can do better. we know it and we believe they know it. parents and kids are rightly concerned so why do we worry? two reasons. first, kids live their lives online. they don't just access content any more. they created. our kids are growing up in public. many people in this room can attest to how hard it is to be a public figure. imagine if you're only 13 and had an unflattering picture spread across the web as has happened to hundreds of kids in high schools across the country. seven and .5 million kids under 13 horam facebook.

second, we see to miniet sable how privacy is not protected in this world. we all know that they experience the breach which exposed personal data of more than a 100 million, 100 million of the online video game users and the list goes on. this hearing is specifically mobile and for good reason. the mobile world puts all of the privacy issues we've talked for years on steroids. why? i will list a couple reasons. mobile phones are tied to a specific person, most computers aren't. because there are more opportunities for tracking with the mobile device you have someone's location and it's always with you, and we found out is always with you during the night as well for many people today. the average smart phone owner spends more time on the applications than the deutsch talking on it or browsing the web. this is the issue because the mobile apps are far less transparent how they use the data than most web sites.

nearly three-quarters don't even have a basic privacy policy and mobile browsers don't have nearly as many privacy controls as the web browsers to. in the and we are all involved in protecting kids privacy in the online and mobile world but we can't protect our kids' privacy if companies and operators aren't providing so what do we a common sense media propose? we urge congress to bolster the walls protecting essential privacy for the nation's children and teens. the five principles should be essential elements of any new legislation from congress. first of all, number one, the industry standard for all privacy should be off in especially for kids and teens. private by default and public by effort. and today it is the other way around. number two, privacy policies should be clear and transparent. you shouldn't need to hold a degree from harvard law school to figure out how to decode a

privacy policy. number three, behavioral tracking of kids there are limits on advertising and kids on tv and cable, not on the web. kids are not little consumers, the hour children. let's not invade their privacy and pummel them with ads. member for, parents and kids should be able to easily delete online information. too often we hear about young people who post information they later regret and find they can never fully delete it from the online world. we have to protect these kids from permanent damage. and finally, number five, we must increase education information about online privacy. kids and parents need to do their part to protect privacy and the privacy of their friends to read a large scale campaign would help them learn how to do so effectively. industry leaders could play an important role in this and should be required to finance it.

honestly wonder why leading companies seem to consider privacy implications for children and teens only after the fact. these considerations should be baked into the design phase of a product or service. companies now successfully do this for disability access. why can't we do it for kids privacy? is founder of a popular social networking company commented last week in a "washington post" interview that, and i quote, we will figure things out as we go along when asked about the special privacy considerations for youth. we have got to do better than that. we all need to work together to find solutions in the space and we need the companies to bring their innovation skills to the crucial and sheriff role of protecting the nation's kids. thank you. >> thank you very much. again, we are going to do five minute rounds on the questions. i'd like to start with you if i can, mr. reed, and i want to ask about "the wall street journal" article. i think he referred to it or someone did a few moments ago

about smart phone applications transmitting information, and we have a little chart that shows some of the company's i think maybe it's if i'm not mistaken it's their top 12 or something like that that the listed in the article, and ms. reed, how do you propose notifying consumers in a better and more meaningful way so that they are not surprised to learn that their information is being sent to folks or that they are being tracked? >> first of all, i think it's a great thing to look at in terms of one of the best things about "the wall street journal" article is the help to an education job that we in the industry and remember most of my members are three or ten people have had a hard time doing it ourselves so we've benefited from that of the front end. we were able to tell consumers

this is part of what we are doing and the privacy policies that we have in place are there. we face two problems as an industry that has been talked about a lot. the 2-inch screen problem, how do i write a privacy policy the pulse of to fine lawyers like ourselves and others that is simply veazey to understand and can be displayed in a 2-inch screen so that's one hurdle that we are facing. why members want to deliver the clearest and simplest privacy policy but when they go to a lawyer to have it checked many come back and say it provides them. the second tested with the constantly changing world we face in terms of business models. we started out this whole application will only three years ago at the time we had an ad store at apple which we sold directly and got paid for. we didn't have advertising at all. recently we had it in net purchasing. so having a privacy policy that not only reflects the business model today that encompasses the business model to mauro, the changes apple can make it any

time to their privacy policy or facebook can make or google can make or all a part of the problems we are having in trying to address it. what we've done with our working group is we not only brought in regular developers to use that but focusing on different person which we do multiple business models. we brought in the one of the four recognized safe harbors to help us create guidelines that can actually address the important questions raised earlier about children in. >> i think we need to fall one that looked more. but mr. davidson, when you open your android phone and that screen came up if you wanted to you could check no for the tracking for the jeal location? too the location services. >> and that's great. but what happens if you start using the phone and adding applications that do require the jeal location.

>> that is a great question and a very important question. the way that we address that when you try to install an application that wants to use location services, you get a notice before the application is installed that says this application wants to use your location information. is that okay and you have to accept that before installing and we give notice of other information on the application. we do it very simply. it's usually not more than a scream sometimes you scroll down a little bit but we have worked very hard to make it simple and the key is what we talked about that the last panel, timely notice and the choice for consumers. >> let me ask you you mentioned your five principles that you liked it when i hear mr. davidson and others talk of a also know that there are very legitimate reasons why parents may want to track their own and children. they may want to know what

you're five principles allow parents to do. >> that's a good question. we haven't contemplated the best answer is we should get back to you on that and of course it would depend on of the age of the child. >> as a parent to two teenagers -- [laughter] let me say that there is a parental interest. it could be a good thing depending on the family. but anyway, i hope he will think about that because when i heard the five that you leave out it seemed kind of lawyer and plaid and i'm not sure that you have enough leeway to think about that but if you could -- with me ask you before i turn it over to other colleagues on the committee, you talked about your privacy policies all of that sounds great, but can apple tell how many people actually read it

>> they have to say they agree. we can't say for sure if they've read. we try to make it in plain english and very short, but we can't tell, we can watch someone reading it. >> can you tell how long they are on the screens, do you have any way of knowing that? >> i don't know whether we can or can't. i have to get back to you on that. >> for a lot of folks it is too much information without understanding what they are agreeing to but that is another matter that we can discuss. senator rockefeller? >> thank you mr. chairman. mr. taylor, this would be to you under facebook's terms and conditions, a user must be 13 or older to have an account on your

web site. despite this according to the recent consumer reports study an estimated 7.5 million users were younger than 13. moreover, the facebook application and the apple at store is rated for age four and above. my question to you is i understand facebook policy not to allow children under 13 to have an account, but the description of the facebook app and apple store rates the app as appropriate for age four and older. how is that consistent with your policies? and who determines the rate for the facebook application? >> sinnott turkoman that is a good question and actually is news to me. first of all, we don't allow people to have accounts under

the age of 13, but if i had to guess, my guess is because the facebook application does not contain much for content that is what the ratings reflect but i think we can follow-up with your office why that reading exists and certainly the application has the same rules and conditions governing as the web site which means no one under the age of 13 can create an account. catherine i appreciate that, but it doesn't appear to be the truth, you have 7.5 million under, and this takes pnac, and i won't harp on it, but facebook grew so fast, zuckerburg is 20, 21 and comes up with a big idea. people who are 20, 21, 22-years-old really don't have a social value at this point, in his case i think -- no, i'm serious, i think he was focused on how the business model would

work. he wanted to make it bigger and faster and better than anybody else had, and nothing i know suggests otherwise. so you can't just dismiss the 7.5 million use years younger than 13 and say that you have a policy that doesn't allow that to happen. i asked because i'm very worried about suicide, people stocking youngsters beauvis innocently put yourselves on a blog and i think it is going to one person and goes to indonesia and everywhere else, and you have 600 million people, and i asked her how many employees thus facebook itself has? this was two or three months

ago. she said 1600 world wide. i assume she's right. she's number two in the country so i assume she's right. then i said how many people do you have monitoring to see what is being said? because ibm has or you worried about what can happen to children, humiliation, bullying, predators, all the rest of it i think it is a huge subject to read and i have meetings all over on the subject not necessarily on facebook but just in general parents are terrified. they are terrified, and school counselors don't know how, you get a whole new group in and they are very worried about this. she said well, we have 100 people who monitor these 600 million people who i assume are doing a whole lot of blogging every day, and my

reaction is this just absolutely indefensible, it's unbelievable when you would say that. she said we are going to do better in the future. and i want you to defend your company here because i don't know how you can't. >> i just want to say we emphatically agree with your points and i just want to clarify a couple issues. first, whenever we find out that someone has misrepresented their rage on facebook we shot down their account. i'm not sure the methodology of the study that you referred to but emphatically we do not allow people to misrepresent their age, and there's a couple look interesting points here. >> when you say we don't allow people to misrepresent their age, how can you do that? >> it's a good question and something we saw a lot about. what we found is the most scalable way both in terms of age enforcement and also the other issues that you brought up arana bullying and other protections of miners in this site are baked into a system of

enabling people to report problems on the site. i will talk about bullying first because it's an important issue and then talk about age protection. we have under almost every single piece of content on the site we have a linker individual users can report inappropriate content and report bullying. originally that would go into the special que that the user support department would take and bring down the content almost immediately. we also expanded that in the program we call social reporting that enable people not only to report it to us than actually to the provincially and teacher authority figures also on facebook. so, if you are a minor on the site in high school and you see inappropriate picture as i think was brought up in one of the open testimony's you can not only report to facebook and have a removed, you can report it to a parent or teacher and deal with the underlying cause of why someone would post a picture like that and actually deal with

it off line and deal with the underlying issues. we obviously have about 250 people working across safety privacy and security on facebook but in addition to that, we've mixed those with those of reporting mechanisms because we find they are very accurate. regarding age -- >> my time is up and i want to get a comment. i apologize. >> no problem. >> on the same question? >> correct. >> our view again is not enough is being done. if we took a small amount of the time any of the company spent in a feeding products and start to think about how we protect the kids and frankly adults but we are focused on kids, we think there would go a long way. these are the organizations that have created a platform which 600 million people across the globe use companies that met every street in america across

the world so we can all use and instead of spending money to try to hide your puerto rico firms to try to take on the other company let's take that money and spend it on figuring out technological ways the will protect our kids. it can't be 100 people sitting in an office trying to monitor 600 million conversations. >> thank you. thank you mr. chairman. senator klobuchar? >> thank you. we've been talking some about how we get privacy policies that are understandable and readable and i know that mr. davidson when you were asked at the judiciary committee about this and requiring apps and you have an understandable privacy policy and use it to take the question back to your leadership have you heard anything back on that and welcome deutsch will commit to

requiring the applications to have a understandable privacy policy? >> we think that the apps should have a understandable privacy policy. will make a requirement and try to make it as possible for the small businesses to use it. >> thank you. ms. novelli, you are asked by senator coburn among judiciary as well i would conduct the transcript in the judiciary hearing you're saying how apple tested an ad and it a random spot checks so presuming we might spot any problems and they found there were problems with some of the apps in terms of

sharing the location data without informing the user how do those mashed? >> we do our best to check for all of our requirements better in our developer agreement. one of the requirements that we have. you must get permission from to share information with respect to locations there is a requirement that if you want to use the application data of a consumer you have to pop up a dialogue box that is linked into our api that we designed to either allow or don't allow, and i can't comment on specific apps but i believe that particular question that was referred to, but when we find a problem or someone alerts us to it will immediately investigate and work

with the developer. they have 24 hours to fix the problem or be removed from the store. what we found is that developers have a great incentive to fix the problem. >> this reed, you've been working in the area of trying to put together a comprehensive set of guidelines that will follow policies, and i support that effort. i think it's good, but i look back and think that considering anyone with skills and a computer can build an application i believe of the self-regulatory approach to privacy would be enough to keep the bad actors out of the market >> there's two parts. the self regulatory approach is the way to start but it's not a self-regulatory, we heard earlier from the ftc we think the ftc has and should strongly enforce section 5 and in fact i know in this case i will speak from the legal side of it, but

we see deceptive and unfair should include or conceptually should include someone who misuses your dignity and doesn't have a privacy policy. i know we heard earlier the ftc is on sure about that but i see no reason why if someone is misusing your data that doesn't fall under the realm of a deceptive trade practice, so i would say we want to start with self-regulatory and want to bolster our industry effort on that and the second site, the stick side would be the ftc coming out of folks who don't have a privacy policy. >> and then mr. taylor i know senator rockefeller was asking about the number of kids who might be claiming for kids under 18. do you see a different way of trying to reach out to them to talk about the privacy policies and are you thinking about that in terms of making sure that the understand that you might use a different approach than with an adult? it's a good question we thought about to read fundamentally we agree most people in this room

of a greek miners, people under the age of 18 should have a different experience on facebook because of the unique needs and privacy protections and a security protections a minor needs, and that makes its way into all aspects not just the legal privacy policy. so, on facebook if you are a minor you actually have a different experience. door privacy setting the faults are different, when you share things it goes to the more restricted audience. when you report problems on the site the users respond differently if it is a minor and it makes its way throughout the product and that applies especially to privacy and security issues. >> to follow on senator mccaskill's point model sharing is bad and much of it can be beneficial to the consumer and third-party. the question is where you draw the line and more targeted advertisement can be more

relevant and helpful to the users. as you know there is a line between sharing data and extracting. do you see the line and the common practice is to you think? >> thank you for the question, senator. if bto targeting or advertising is so useful to consumers, they should have the ability to say opt in. so if i happen to be on facebook and i am writing to a friend or posting on the wall about wanting to go see elvis costello and the conversations to advertise on that and i get an ad and that was my choice and i obviously solve the value of providing the information to get something back. i thought senator kerry made a really fundamental point in the statement and rejected the notion that there is a choice, fundamental choice that needs to be made between innovation and protecting privacy we couldn't

agree more that is a false choice. the internet economy and the u.s. alone would be close to 200 billion in the commerce. most of that was not created by harvesting private data shortfall and using its behavioral target. people in fact one of the beautiful things about the advertising as customers are opting in every time they go on kaput to a search engine they say i'm in market for a new car or truck so please advertise to me and that's okay. it can work that way and $15 billion a year are spent by advertisers in that part of the economy and that is fantastic and that is an example of where privacy is protected and innovation has happened. >> if any of you want to respond amount of time that we can talk about a liter. >> thank you.

>> mr. taylor and mr. davis i'm going to ask if there is any example you have of a problem that the companies of corrected. one of the things i hear is when there are problems usually the company moves forward to self correct before anybody else even knows the are a problem and a couple examples would be helpful if you have them. ms. novelli, does apple track the location of my iphone? but we do not track the location. we do not, sir. estimate and is it flogging and right now? it's on. is it logging on or is there some login system that you will get from my iphone? >> no, sir. apple doesn't look at a login system for the phone. >> so what do you do? how does it work that i might get some advertisement for something or be solicited on an

application or through my mailing account or whatever >> there are not advertisements on the account is on your iphone. you could get an advertisement there is a web browser that is just like if you use your computer or web browser and that works the same as it would as if you were working from a computer so if you are logged on to a website -- >> i would have to be on something for that to happen. >> that's correct, sir. what is a crowd source database? >> that is essentially but it is is a map of the locations, the jeal locations of the cell phone towers and wi-fi hot spots that we derive from information that is anonymously sent to us from

people's phones, so the phone when it goes by a location will say that there is a wi-fi hot spot here, there is a cell phone tower, there's nothing that connects it to an individual or the individual phone. and we are using that map to help people later on when they want to know where they are and it is a simple process of being able to know where you are relative to the points just like a regular map. >> back to my other question if you think of an example of something that could have been a problem of self corrected. >> i.t. we are constantly innovating. i don't know if it is about fixing problems that a couple examples, we take the comments very much to heart about trying to do more to protect children suffered simple and relatively

recently we just launched a lockout feature on the android so that parents can control or anybody can make sure their phone isn't downloading without a pen. we've expanded the safe search program which is a project to enable people to control search results to make sure they are child friendly. we added a mechanism on and troy so people can flag that. these are things that have been improved in the last six months now. i would say some of them are about trying to make sure that we are doing more and are always doing better to protect children. there's probably been other things we have done that we are constantly trying to direct. >> mr. taylor? >> it's a very good question, and i think to mr. david 65-point in the industry we are constantly working to improve the safety of the products because it is the basis by which people choose to use them and if they lose trust in the service

like facebook they will stop using it. i think a timely example was actually this friday we will be announcing in partnership with microsoft and the national center for the missing and exploited children we are going to be deploying a photo technology that microsoft research developed to identify the sophisticated fingerprinting technology. pictures of missing and exploited children but to protect exploitation on facebook and help people find missing children and that is something we did productively with the organizations because we care deeply about the problems just as all of you do. >> you mentioned something for a little clarification we need to protect kids from permanent damage. i assume that means if they put something on out there for people to see how do you do that if people have already seen it and someone already captured that, how -- assuming that kids have access to this way to

communicate, how do you protect them from permanent damage if they made the decision to put something out there that's damaging? >> the information is small only public when someone puts it up which is hard to control, but it is persistent. it's very hard to take the information down. we talked about and let our privacy briefings the concept of an eraser button where it would be easy for somebody who realizes they put up something they didn't want up that they could then take it down. >> but can't somebody else capture it and then they have it? >> that's the problem. >> but that's the problem of putting it out there. if someone else can capture it and then they can share it. am i roane? >> that is the problem. >> i don't know how you stop permanent damage if somebody does something that's damaging unless it just happens that nobody sees it and nobody else

decides they want to use it. the problem here is very scary. any of us who have children or grandchildren it's scary to think of what somebody might do. but i'm not sure that we can actually ever come up with a sense that's highly enough or big enough to stop that from happening, and it does happen, terrifying in, long-term problem, but if people have access and they put information out there it's out there. ..

how to be literate in this new world and that's a very, very big project. >> thank you chairman. >> i got each week for my last round of questions i want to address. i didn't mean to sound flippant about it. i don't know if amd and room, but if you are. what i was trying to save the at the bottom line is that we have some unintended consequences and some costs that came with said they. the two windscreen he talked about, we clearly didn't get that down on sunday because most of the go to the doctor's office are not reading along thing they have to read and they signed and

i bet most people in this room would've made a figure as a they're not need the holy thing they find you to sign one or two or three every time you go, which has administrative costs in. and there were some unintended consequences in terms of finding people who might have similar sized pieces that are pure theory unique and rare, trying to find people for research purposes. hippa tested in the the way that something of a problem. that doesn't mean we shouldn't work on privacy. interesting cautionary want to be careful as we move forward on privacy because so much of the six s.b. pat in this space in our country and the internet and in the advance of technology has been remarkable. i want to make sure we don't have unintended days. celebrity and privacy be in privacy is, i'm not a secret that. i want to make sure that everybody understands how easy this is in terms of turning off thing. i mean, not only do i have the ability to make sure that i

don't have any location services on here. i can even go down in you tell me every single app that is using location services and i can individually go to each one in turn each one off. the other thing you do is that you tell me if anybody has used by location in the last 24 hours. there is a little luck with that pops up in so i tried it while the others are questioning. i went on kayak, check out the site and others in the air error that tells a kayak is my current location as i was looking for play. all i've got to do is flip the switch on kayak is another business oriented. very simple, easy to find her right on the page. now come here is the thing i wanted to ask ms. novelli and mr. reed. i am a little confused why cut the rope is on that list. i am a little confused by paper tosses on the list.

it seems to me for attacking the games. i mean come the paper top is a game, one of the ones listed in "the wall street journal" article. all you do is there's nothing in the top that has anything to do with location other than factor trying to get it piece of paper into a trashcan and it's again. same thing with cut the rope. it seems to me it is very obvious by the that there is no need for any location, that that could be where the industry could focus on making sure that people understood the consequences clearly the only reason that cut the rope was topped the paper is tracking my location is to try to sell to other people where i'm going and what i'm doing because there is no applicability to the game involved. it seems that he could focus their first in terms of making sure privacy is very obvious. when i go on and cut the rope site, which i could try, i don't see anything on there that tells me anything about what they're doing as they related to

tracking me. so could ms. novelli and mr. reed respond to that but >> first things first. you raise a good question and i say that i often on teams like that saying no one asks me can i share your location, i just turn it off. the reality is for some of us were building an application at are ad driven, they will ask us for information so they can provide a higher-quality out. one of the things is that location as part of it. there is an interesting small-town benefits we've seen. i'll use red sleeves are, is fairly different one. i can any skew and it will come project. while tommy the amazon price, but below that it will tommy tom progress toward assisting project. it's $3 more coming but it's right across the street. tom did not have to buy an ad

for major supplier. he can target just to the zip code. there are some benefits to that kind of marketing. i also say you illustrated the first part most readily, which is what his paper ties and not see ads targeted, turn off location-based services. i think that is something we as an industry understand and expect some consumers to do. we have to figure out how we still make money from the networks because they control our income from that. we have to signed an agreement with them rather than us at the tail wagging the data, where they agree to the terms you suggested. >> could y'all -- i know apple will do anything to stop the amazing flow of applications that are making your product so desirable to make it. but it seems to me in some of these apps that if i had a choice, you can either get it for free and season on or pay $2.99 and be ad free and

tax-free. it seems to me that is a simple consumer choice that the industry could do, both google and apple if the two of you did it increase that to the extent it would apply to you, but i think that would go a long way towards consumers beginning to understand, first of all, that when they are being tracked, it helps pay for things and that's why they get so much free. and it would begin to drive home. there's nothing better than driving home the point of what they get for free and housing to give them a simple choice. has there been discussion about that? y and we can move towards that kind of model? >> first of all, their apps on the app store and my husband in fact has downloaded a couple of them were you have a choice. either it's free and you have to submit the advertising or you have to pay. and so, their apps on this story like that now. in terms of the pricing though, we have the developers said the

pricing. we have not really gotten into trying to set prices as apps. >> i don't want you to. i want you to maybe say people should have the choice as to whether or not they want to pay or whether they want the added. >> and developers have been making that choice and there are those choices on the store now. i don't know if mr. reed wants to comment. >> by candles for one second. what you describe is exactly what we're doing and we appreciate that apple and amazon and good and others are doing purchasing, but remember that's the model we're using. we say in the story tie the knot is paid for and what it says for unix do it. you make a choice which one you want. there's an interesting number though. we may then subdivided to say and act purchases you can turn off ads that few but the free version. >> i know. i do want to cut you off, but the bottom line is it is not clear. i get light, i get free and i get paid, but i do understand when i'm making a decision that

it also might involve tracking and that's what i'm saying. i think that might be something you have to do is an industry that microsoft unintended consequences by government regulation. thank you all very much. and the next questioner would be -- it says senator udall. >> thank you, clear. >> i'm following a list as committee chairman. >> thank you very much. i know the chairman is secure, but i really appreciate him holding this hearing and all of you responding to the questions of the panel. as you can see by the questions, there is no doubt that there is a lot of concern in terms of privacy, in terms of protect the minor's and those kinds of things. i really look forward to your supplemental answers to some of you are going to give because i think those are some of the key questions that are out there. and i think from this subcommittee's, we are going to

continue to ask these questions and continue to do oversight. and so i think you should expect that. recently i joined senator reed and schumer and lautenberg and asking research in motion, ram, google and apple to stop selling dangerous act that enabled to drivers to evade law enforcement in 2009, drunk drivers killed nearly 10,000 people nationwide, including 141 in new mexico. i played dui dodger, buzz, check point and fanned similar provide drunk drivers with precise location of dwi check point says they drive. this is while they are driving around. some maps even offer audio alerts, warning drunk drivers as they approach police chat point. while i agree that public notification of check points on

the news or in the paper can serve as a deterrent to prevent individuals from making the decision to drive drunk, providing real-time accessibility tailored to a driver's location only serves to provide truck drivers with the tools to more effectively break the law and endanger others at a time when their decision-making capabilities are already impaired. and i am very pleased that rim did the right being and immediately hold these apps from the black. app store. why are apple and google still selling dwi apps that encourage breaking the law? that question i think would be directed most to ms. noe valley and mr. david. >> well, senator, when we received your letter, the first thing we did is look into this and try to research the whole situation because apple, of

course does not want to anyway be encouraging it. what we found when we look into it as there were some differences of opinion among reasonable people about whether publicizing, as you note, check ways deters or helps drunk typing and that in fact some of the information is actually made public by the police forces themselves and is on the internet. we are continuing to look at this issue. we'll continue to talk with you and your staff as we continue to evaluate it. we do not want to be enabling for supporting drunk driving in any way. >> i guess i would echo that sentiment. we certainly appreciate the seriousness of the issue that has been raised. we do remove applications from the android marketplace that

violates our content policies, but after initial review, we determined that apps that merely share information don't violate those policies at this time. and so, we are evaluating this. we've been talking to yours -- we appreciate the chance to continue to do that and we are taking a serious look at it. >> now, as far as apple's stated policy, you don't -- you have a policy that you don't encourage with their apps people to break the law, is that correct? isn't exactly what is happening here -- you can imagine, you've had her letter now for two months and you can imagine a person that is drunk, dui, dwi driving down the road and they have this -- one of these apps turned on and it issues an

alert, tells them there is a check point ahead, then they can use their device to then find a way around the check point. it seems to me that kind of application is encouraging breaking the law. >> well, we are reviewing -- >> well come you've had two months. how are you going to review it? >> well, we will be working with you on this. we are reviewing it. there are -- there is some apps, for example, that have a cap number for you to call a cab, alert you that there are, you know, there is checked points and here's a phone number for you to call a taxi. so i think they are not ubiquitous, all of these at. as i said, some of the information is made public by police themselves. i think reasonable people at different points of view about how to go about this and were trying to do this in the most thoughtful and responsible

manner. >> and i understand that, but i hope that you all understand the difference between the police department, the state police, county police, sheriffs, whatever, issuing a broad general think that on friday night or saturday night we are going to have a chat point out they are at various points in town. that serves a deterrent, i think, for people to know. even though there is a 2% chance of catching drunk drivers. so all of us out on the highways, 2% chance of catching, eq utilizing -- somebody utilizing these apps that makes it even less likely. may drop to 1% or half a percent for every days. but the important point is here you have law enforcement issuing

generalized bulletins. but what people do with your apps and what they are able to do is specifically an real-time determined there is a check point and debate the chat point and possibly afterwards get in an accident and how somebody killed. so i understand that you all are looking at it closely, but i think this is a crucial question for law enforcement. i heard from the police department in las cruces. the attorneys general of new mexico, delaware and ireland have also signed onto this issue and are asking the same questions. i think the more this is out there you're going to be getting this kind of questions. i'm sorry, mr. chairman, for any know for but i very much appreciated as i said earlier your effort for consumer protection which are doing this area is greatly appreciated.

>> thank you. and thank you to the witnesses being hairier. >> senator rubio. >> thank you for being a part of this. this is a very timely and interesting. just to close the loop on the apple portion of it as an apple user with a lot of apple users in our family, one of the teams that -- i know the answer, but on other people people to you as well as the two researchers have found the iphone and ipod contains the time spent record and were able to go create an app that basically created the map. the whole thing that flared up in late april. the company acknowledged that was a glitch in the suffered some updates to fix that. for those updates available already quite >> yes, sir. is that they severed it been implemented for most of all of the questions. there was one question on encryption that is going to be implemented recently. but i would say that again there

is no actual information on your phone about your actual location and the time. what was on your phone was essentially a city map of wi-fi hotspots and databases, not where you were on that map. >> a key to a wise the company's position was an intentional. it's a glitch that exists, for example, even if the toggle switch and said no, it's still a speeding information is stored for longer periods of time. so the company now -- is a single update? >> the update went out a couple weeks ago and there is no more -- which is working perfectly now and it is not backed that. your information is not backed up to a computer. and the encryption question is being addressed. >> someone who has an iphone, attitude is available. they still have to pull the update in the device?

>> when they think their phone, but could a notice saying there is an update available, do it with dollar? you say yes and it installs on your phone. >> anyone who has an updated their phone in the last -- >> in the last two weeks. >> this information is all available for them. the second question has to do with relationship with third parties. there's some confusion because people go to the apple apps store began trademark interface look. when someone buys an application from an online store like that, both reality and the county perspective, who is their relationship with their business relationship and they do that? as i go on and get an application for my phone and i think this question is for all of you because they start does that as well. who at that point where the relationship with? is it with you the marketplace or is it the actual app under?

>> well, just from our perspective, once you buy the app and use it, your relationship is with the app developer. at that point, the first party relationship is with the app developer. >> we would agree with that. initially for example a lot of applications are in terms of service you agree to when you first install it and there is an agreement there. i think it is why users need to be careful about what applications are use to be thinking about that. it's also why we try to give people as much information as we can to reinstall the app because that is when we lose the relationship. >> that is critically important because a lot of people believe -- a lot of people are clear. i know anyone who sells an app goes through general screening process but ultimately the business relationship is only as good as the company or whoever you are interacting with. here is my secondary question. if i have a problem with the

app, let me put a nap in my device and all of a sudden start having problems were talking about, let me pull to defuse the problem, is very process in place where you can report them to you so that you can -- what is that process? >> in our case, we've installed a flagging mechanism so users can flag applications for a variety of different reasons. once you do if you got a whole set of reasons why you might want to be flagging and that will be a place for review and that is the starting point for us. >> same for apple? >> we have an ability on our app store to contact us and you can flag any concerns you have and would investigate immediately. >> asked questions about the the geolocation data collected when people check in on the featured. is this only collected at the time they check in?

>> right now the places feature is designed so you can explicitly share your location with people you choose at the time of sharing. and so, places is not a feature about passively sure in your location. it's actively showing your location. >> it happened at that moment. >> you actually click a button that says check-in and the information goes in your profile. >> how long do you guys? >> been information that you shared time at this restaurant was, that's on your profile as long as he wanted to be unique and you can remove it from your profile at any time. >> if the individual distributed it on there definitely? >> akamai we consider it like you publish a status update. you base a decision to share and it's up to you or you want to share but then if you want to delete it. you can actually change both of those after-the-fact. >> you're probably not shot some people lie about where they are.

but basically so people understand understand when they go; logon and fan here, that is going to stay on there forever unless you act really go back and delete it yourself. >> that's correct and it's because fundamentally few decided to share a status that date or a photo, we consider that your information, not ours. we consider it an imperative to keep that information because you've entrusted us to keep it on behalf of sharing of your friends. >> be appreciated. >> thank you. >> thank you, mr. chairman. i want to thank all the panelists. we are all encouraged by the substantial growth in the wonderful technology we have in the mobile marketplace. but it does obviously raise questions and concerns about how the developing industry is impact consumer protection and privacy. and so having access to all these things in the palm of your hand is a wonderful tool and

there's a lot of competition for the new, best greatest thing which is their entrepreneur spirit in america. we want to make sure we need do we do it in a way that a properly protects consumers online without stifling innovation and growth. i want to direct a question if i may to mr. david then it has to do with the ftc recently alleged that google violated the ftc act inappropriately by inappropriately collecting gmail user information to populate the social network. according to the ftc, google's action letter to receiving contact with individuals who may have serious concerns about. could you talk about how google has responded to the ftc on that matter? >> absolutely. as i said in my testimony, we hold ourselves to high standards on providing transparency and choice control to our users.

and the situation you allude to with the launch of our first product can beat those standards. he was very confusing for our users. we think he fixed it relatively quickly. in a matter of days or change the product, but we have been in a longer conversation with the ftc about it afterwards and relatively recently ended into the senate to create. we've agreed for the next 20 years to put our money where our mouth is and we have signed up for two major things here. one is really instilling privacy by design, a process in our company for making sure we thinking about privacy from the earliest moment and that will be something audited and a fast and reported to the fcc every two years for the next 20 years. the second thing is we agree we are going to get affirmative consent from users for any new sharing of information. another powerful thing and the

kinds of things we said we would do and had agreed to do but now it's got to agree with the fcc to sure users will do for the next 20 years. >> you think some of the particulars you talked about might be considered a best part is further companies to consider? >> you know, i think that is something that is addressed to other companies. there are a lot of different models. we think this was the right thing for google's and our users and so we adopted this with the ftc and i leave it to others to decide for three further companies. >> i am concerned that if companies agree to implement more restrictive privacy control that they're still individuals who will try and hack into mobile devices and apps for third-party users. it seems mobile devices and apps are far more susceptible to those types of deceptive activities. this is a question and be feel

free to answer. as the industry figured out how they can make mobile devices announce the more similar to how we protect their computers with the antivirus software and those kinds of things? are we seeing any companies that specialize in security for mobile devices and apps? mr. reed. >> on the first part of the question, yes, there's a company called lookout that builds a product for the android platform that provides security and our detection for the android platform. i mentioned it's a little different in apple. apple gives us very little access to information of the device itself. they are very restrictive about when the developer community can ask for in terms of information. so it's where you see a lot more in this case was more of the wild west and where there is more a tendency for people to do the kinds of offseasons you're

talking about. so lookout is an example of a company that's come to address the problem you stated. >> first of all, i think there's a huge amount of energy being put into securities. it's a great question. don't be surprised if they characterize as the wild, wild west. our view is the openness of the platform and the fact that the code is open to a major security feature because people around the world are able to look and assess the code in the system in security architecture and tossed it all the time. you don't get security secrets anymore. you get security with openness. the other thing is very huge number of features that are among the people who enroll for them opel platform can effect making sure there's gps for encryption by default major products like google, gmail is

available in search as well. we've added identification and other system to gmail that if a password is the nephew might have to have a device and a password, which you think people are really concerned and a lot of other companies withdrew important area and a huge amount of research going into it. >> is there anything that congress can do to help encourage greater protection when it comes to mobile devices and apps or would you rather we stay out of it? >> well, it's a rapidly evolving area for sure. there's been discussion about data breach legislation. i think a lot of us, for example, would say that's an area for consideration because there is such a pack market stabilize. i recognize the huge amount of the very dynamic environment right now. >> thank you, mr. chairman.

>> thank you from a senator for asking great questions. i want to thank all the panelists for being here today. i know when you look at the thickness scale, sometimes coming before the senate is way down here, they thank you for being here and thank you for testifying in as much as we talked about today, covered a lot of issues, i feel like we still are at the tip of the iceberg. there's a lot more to know and to learn and way through and we certainly appreciate you off and put them help as they go through this. we are going to leave the record open for two weeks and i am certain that several will have additional questions and want to do some follow ups. i know i have a few, but we believe that open for two weeks that we would really appreciate you will working with the staff to get back to us in a timely manner. thank you for being here and we will adjourn the hearing. >> thank you. [inaudible conversations]

[inaudible conversations] [inaudible conversations] [inaudible conversations] >> in just a few moments come a hearing on a bill that calls for $12 billion in tax cuts for small businesses to help create jobs.

>> no one succeeds in life by themselves. you must be willing to the non-others, listen to others and yes, love others. >> the senate small business committee held a hearing today on implementing the small-business jobs act. the law calls for $12 billion in tax cuts for small businesses that increased access to capital. this is a little less than two

hours. [inaudible conversations] >> good morning, everyone. i'd like to call or meeting to rderr this morning and i'd like to thank all of our witnesses for joining us this morning, ourtly, arly our witnesses on the second panel who are going to be bringing real-life testimony to the issues that weg are looking at and reviewingokig this morning.wing as many of you know, this week is national small business week. president john kennedy startedi the tradition john kennedy star this tradition in 1963 to recognize the contributions of small businesses to the economic vitality of our country. the following year, president

johnson awarded the first small businessman of the year. i underline the word businessman of the year, to mr. berkeley bedell. he was from spirit lake, iowa. he was president of berkeley company, a manufacturer of fishing lines. his business was started in the bedroom -- in his workshop, while he was still in high school at the time. president johnson said that mr. bedell represented millions of american small businesses, who as st. paul wrote, were not slothful in business but fehr vant in spirit. that would be romans 1211. while times have changed since then, i believe it's still our responsibility as policy makers to lift up these entrepreneurs that are not slothful in business but are fehr vant in spirit. that's the purpose of today's hearing. we want to recognize the 27.2 million small businesses in

america that are struggling to recover from the great recession. more specifically, we'll hear from our federal government, how our federal government is implementing the small business jobs act passed last year with the help of many members of this committee. this legislation has been touted as a single most important piece of legislation in decades for small business. let me just mention a few other things and i recognize senator shaheen who is here for her opening statement in just a moment. i do want to put a few things into this record. last congress, the 111th congress, the committee heard compelling testimony from small business owners from across the country struggling to keep their lights on, their doors open and stretching to keep valuable employees on the payroll. many business owners could not yet conventional bank loans. others saw substantial reductions in their existing lines of credit. still others had cutting edge

products but did not see an opportunity to contract with the federal government. the results were alarming. since 2008, small business firms accounted for between 64 and 80% of all the net job losses in our country. that is beginning to reverse. we're excited about that, and we'll hear more about that today. to address these issues, i'm proud to have led the senate efforts to enact the small business jobs bill of 2010. the bill was signed into law by president obama on september 27th. the jobs act provided many things. support to small business in many important ways. providing 12 billion in immediate tax relief. increasing access to capital by increasing sba loan limits and establishing the small business lending fund and strengthening core programs of the small business administration which resulted in more money for counseling services for small business development centers, increased export opportunities and provided a more level

playing field for small businesses looking for opportunities to contract with the federal government. first the jobs act included multiple tax cuts effective for 2010 that provided incentives for small businesses to make new investments in property and real estate and expand their operations. for example, small business owners who bought new equipment in 2010, the jobs act included enhanced expensing provisions that allowed the immediate write off of the first 500,000 of tangible personal property and up to 250,000 for certain investments in real estate. also, for the first time ever, self-employed business owners could deduct 100% of the cost of health insurance for payroll tax purposes. in my home state of louisiana alone, there were over 234,000 self-employed individuals eligible for this tax break.

altogether, the bill included over 12 billion in tax cuts for small businesses at a time when they needed them the most. next, the job acts focused on the major hurdle limiting small business growth. that was the lack of access to capital. in particular, the jobs act continued, vital programs from the american recovery and reinvestment act which spurred lending to small businesses. it eliminated the bowers fees, increasing the federal government guaranty on sba loans from 75% to 90%. at the time our bill passed, these provisions had already supported 30 billion in lending to more than 70,000 businesses since 2009. the extension of these recovery act provisions in our bill allowed an additional 1,500 businesses to receive more than 750 million in loans. in addition, the act permanently raised the maximum loan size from sba's two largest programs,

and the maximum 405 loan size from 1.5 to . 5.5 million. these were extraordinary accomplishments. in addition, the treasury department was tasked with implementing two new programs designed to support private sector lending to creditworthy small business. the small business lending fund makes billions of dollars in capital available to roughly -- which is several thousand healthy community banks in our country. we'll hear more about that today from mr. don graves and from the honorable marie johns. this partnership could leverage billions of dollars in additional lending to small firms. treasury has already received applications from 700 banks for roughly $10 billion. that's encouraging. we're making progress. let me say just a few more

things. the small business credit initiative which was pushed by several members of our committee, much to my joy, will support at least 50 billion in new lending by strengthening state small business programs. i know senator hagen is going to ere are really wonderful cause opportunities that will be shared today from that part of the country. under the jobs act, key enhancements were made to enhance and improve sba programs. as we know, only 1% of small businesses export, with 95% of the world's consumers outside of the united states, it's important that this committee took the opportunity to strengthen our export programs. we're going to hear some testimony today about how that is working. our bill improved sba export financing programs by

significantly increasing the maximum size of export loans and by expanding the network of sba export finance specialist that counsel exporters can help them underwrite the loans. it created a state trade and export program which provides 60 million in grants in states to bolster their programs. in closing -- let me say one other thing before closing. in addition to all of the things that i mentioned, this bill also increased enhancements to the small business contracting program. the federal government has over $500 billion a year available for purchases of goods and services. we're opening up opportunities for small business, women-owned businesses, hub zones and service disabled veterans to participate in that program. in closing, i just want to highlight a couple of provisions. i give you one example in

closing, of how this specifically worked for a business in louisiana. baker sales is a small business that operates in louisiana. it's operated for many years. when the construction slump occurred, it saw its sales drop by 20%. when the deepwater horizon explosion happened and the moratorium was put in effect, its sales were lower. they had been in business 30 years. they imported steel products and sold them within a 2000 mile range. they wanted to export but it was simply a pipe dream. last march, however, they received assistance from the regional director of the u.s. commercial service staff in new orleans to travel to panama to identify potential clientses. baker sales lacked the capital to make these investments. when the collateral and collections were in panama, they couldn't enforce, in the event

something went south on this, but with this new program, baker sales received $3 million from a 7a loan that helped them to secure the contracts in panama, expand their export opportunities and give them a path forward out of what has been a very difficult economic time for them. they've hired two additional employees and they expect to expand sales in the future. so today, we will hear some additional success stories like baker sales. i'm proud of the work that this committee has done and we're going to get some testimony from our key witnesses about what more we can do to improve the outlook for small businesses in america today. let me turn it over to my ranking member, senator snowe and then we'll receive opening statements from senator shaheen as well. >> thank you, chair landrieu, for holding this hearing here today to examine the implementation of small business jobs act of 2010.

i think it's fitting that we would be exploring the implementation of this legislation at a time which is coinciding with national small business week that highlights and celebrates the accomplishments rightfully of our nation's nearly 30 million small firms. now perhaps more than ever, we will rely on small businesses to lead us out of our continued economic problem as they have done time and time in the fact. i appreciate the fact we have small business administrator marie johns and deputy assistant secretary don graves for updating us. i especially want to thank our small business witnesses for offering their perspective as well. as ranking member, i certainly know firsthand, there's no more urgent emperative than job creation. our nation has endured 27 straight months with unemployment at 8% or above. last month, unemployment once again reverted to an

unacceptably high 9%. we cannot allow these persistently high levels of unemployment to become the new normal. it is essential that we focus on bolstering our economy and creating jobs. the best way to spur economic growth is to empower our nation's small businesses. whether reducing regulatory burdens, increasing access to capital, supporting pro growth tax policies or encouraging exporting, we must continue to seek ways to create a better climate for small businesses across the country. it is with this in mind that we developed a framework for the jobs act through a series of small business bills. the act includes as the chair as indicated many of the committee's long standing priorities. for instance, increasing the maximum loan limits for the sba, 7a and micro loan programs. it expands export technical assistance and trade promotion. it includes tax measures like those to permit general business

credits to be carried back five years and taken against the alternative minimum tax. unfortunately, i had serious misgivings about the treasury small business lending fund that was included in the legislation on the floor. i was particularly concerned by congressional budget office wanting while analyzing the lending fund with the most comprehensive methodology, it could cost taxpayers more than $6.2 billion. furthermore, lack week, the treasury inspector general's office issued a report on the implementation of the lending fund which you suggests that the program is tepid at best. according to the report, treasury expects to distribute only one-half to two-thirds of the authorized $30 billion. as of april 18th, only 626 lending institutions out of more than 7,000 nationwide had applied to participate in the initiative. only $9.2 billion in funding had

been requested. moreover, the top recipients, otherwise known as the troubled asset relief program, requested 64% of that the.2 billion. these institutions would essentially be paying off one taxpayer funded credit card t.a.r.p. with another in the form of the lending fund to obtain lower interest rates without restrictions like those on executive compensation. the report revealed that t.a.r.p. recipients are not expected to get much additional capital beyond their t.a.r.p. investment balances, placing in doubt how much new lending will actually take place. so this begs the question, isn't this lending fund proving to largely be a t.a.r.p. refinancing program? it's obvious, been demonstrated that there has not been great interest in the initiative and i know the administration is extending the deadline for applications from march 31st to may 16th of this year. i would like to explore that with you, mr. graves, concerning those issues.

while i clearly have concerns with the lending fund in particular, i hope that we can have a constructive dialogue with respect to its implementation but also the outcomes occurring with all the other initiatives incorporated in this legislation that ultimately became law last fall. i'm eager to hear about the desired effects of these initiatives because it is critically important in the final analysis to ensure that we have the efficiencies and the effectiveness of these programs and that they are producing results. we've got to turn this economy around. we've got to create jobs. i know we created 244,000 jobs last month. but we have to continue at that rate for every month for five years in order to achieve the prerecession levels of unemployment of 2007. i think that that underscores the challenge before us as a country. that's why many of these initiatives in this act, i think, are going to be very good in terms of working in that direction. we have to make sure it's done

well and it's implemented efficiently so we can achieve the results more immediately than otherwise is being felt on main street in america. i want to thank our witnesses here today. i want to thank the chair for convening this hearing. >> senator shaheen. >> thank you. chair landrieu and ranking member snowe for holding the hearing today on the implementation of the small business jobs act. it's fitting that we're doing it during small business week. the jobs act was a very important effort to help small businesses that create two-thirds of the jobs in this country. we all know there's more work to do because too many small businesses are still struggling with access to credit. i unfortunately can't stay to hear your testimony, but i did want to raise two issues that i hope you will address. first of all, both senators landrieu and snowe have talked about the export provisions in

the new legislation. in new hampshire, we think those are critical. we've got to give small businesses access to international markets to help them grow. and i think new hampshire is one of the 53 states that has applied for funding through the state trade and export promotion program, so clearly, there's a lot of interest, and i think the role that sba can play in coordinating the export efforts across the federal government will really be critical. the second provision that i wanted to call your attention to has to do with the 504 refinancing provisions. my understanding is only 20 loans have been approved since the passage of the bill, and these are provisions, as we all know, that will be very important in giving businesses access to working capital. so anything that can be done to help facilitate those loans, i

think, will be very important. so thank you very much for being here. i look forward to reading your testimony, and hope you will give real consideration to moving on those two provisions. >> okay. why don't we go right into the testimony from administrator marie johns and mr. don graves. >> good morning. chair landrieu, forgive me, ranking member snowe and shaheen and members of the committee. as has been cited a time or two, this is national small business week, it's a week we empower small businesses that drive our economy, keep america competitive and importantly create jobs. the sba is hosting a three day conference here in washington, d.c. where we're honoring small business owners with awards. small business persons, chair landrieu of the year, and more.

these small business owners and others like them have gotten a big boost from the small business jobs act. since the passage of the jobs act in september 2010, the sba has worked hard to implement the many provisions that affected our programs. the jobs act affected all of sbab's largest programs including our support for access for capital, small business contracting, counseling and training and exporting. some of these provisions were quick fixes and easy to implement. others take more time, but rest assured that sba is working diligently to implement every provision as soon as possible. to begin with almost immediately, the agency began making loans with a temporary increased guarantee and reduced fees authorized by the jobs act. this helped us put $12 billion in loans into the hands of small businesses at a time when they needed that lending support more than ever. second, the jobs act also raised limits on our loan sizes from $2 million to $5 million.

this increased size will help manufacturers, exporters and other small businesses. for example, great falls marketing in auburn, maine rereceived approval of a $2.6 million loan for purchase of an existing business. they anticipate creating 80 jobs as a result. the jobs act contained 19 provisions making it easier for small businesses to compete for and win more of the $500 billion federal contracts awarded each year. for instance, the law reaffirmed the equal treatment or parody across federal contracting programs. this meant when awarding contracts that are set aside for small businesses, contracting officers are free to choose among businesses owned by women and service disabled veterans as well as businesses participating in the hub zone. the sba quickly implemented the repeal of the competitiveness demonstration program which will help small businesses compete for contracts in areas such as

construction, landscaping and pest control. third, the jobs act also provided funds for counseling and training which included $50 million in grants for our small business development centers around the country. all of this money is out of the door and going to fund innova innovative funds such as regional innovation clusters and support for young entrepreneurs. the fourth way the act is helping small businesses is through increased support for exporting. the jobs acted raised the size limits to $5 million and export express loans to $500,000 that also made the export express program permanent. and chair landrieu already has cited the great success of baker sales in louisiana as one of the examples of how these tools have been put to use by small companies and creating jobs.

at the same time, sba is reviewing and evaluating the first year proposals for the trade trade and export promotion grants pilot which will fund $30 million to state programs this year to increase exporting. as we implement provisions of the jobs act, we have continuously sought input from small business owners, lenders and other stake holders. the sba's jobs act tour visited ten cities with three more planned in the very near future. at each tour stop, top officials are sharing information on how small business owners can take advantage of the jobs act as well as talking with them about what works, what we can build on what needs to be improved going forward. the response to the jobs act tour has been overwhelmingly positive. in the surveys conducted after each tour stop, 92% of the respondents felt they had a chance to give input to the sa sba on its programs. 94% of respondents learned new, valuable information about sba programs and 95% of respondents

thought they would be able to use the information they learned to help their business. we had over 1900 attendees thus far and are expecting 2600 at the end of the tour. thank you for this opportunity to discuss the small business jobs act. i'm happy to take your questions. >> thank you very much. mr. graves? >> good morning, chair landrieu, ranking member snowe and other members of this committee. thank you for the opportunity to be here today, along with my colleague, marie johns. i'm grateful to discuss our efforts to create the opportunities for small businesses to thrive. small businesses are vital to our economic growth. small firms employ approximately half of all americans, and are responsible for two-thirds of net job creation. that's why supporting the economic conditions in which small businesses and entrepreneurs can thrive through improving lending conditions, tax incentives has been and will

continue to be a top priority. the administration also recognizes the unique hardships faced by small businesses today. through no fault of their own, these businesses have borne much of the burden from the financial crisis. in the aftermath of that crisis, small businesses have been faced with aa cycle of decreased customer demand. with no other options many have been forced to downsize and lay off workers. to help them recover, last september, president obama signed into law the small business jobs act, the most important comprehensive piece of business legislation in over a decade. certainly the both of you in this room were instrumental and thank you so much for your work on that. i commend you for that work and we're excited to continue to implement that legislation. since the bill was signed into law, treasury has been hard at work implementing two of the programs crucial that were part of that small business jobs act.

the small business lending fund and the state small business credit initiative to help small businesses access affordable credit in order to expand and create jobs. the jobs act contained eight small business tax cuts, part of 17 small business tax cuts the president signed into law that provide additional tax relief to help small businesses invest and create jobs. at treasury, i oversee the state small business credit initiative and lending fund. the credit initiative is a $1.5 billion credit program to support lending for small businesses by strengthening capital access programs, loan guaranty and loan participation programs. and other innovative small business initiatives. as a result of the financial crisis and state budget shortfalls, many of these programs have been cut back at the moment they're needed the most. the state small business credit initiative was intended to help reverse that trend. as a result of the good work of my treasury colleagues, 48 states, the district of columbia and all five territories have

notified treasury they intend to participate in this program. we've received 13 applications from states thus far that would collectively leverage over $3.2 billion in lending to small businesses. treasury has approved allocations to north carolina for $46 million and california for $169 million. and their programs have utilized the funds to increase lending to small businesses in those states. allocations for vermont and missouri have been approved and missouri reports that applications to its state small business credit initiative program, state run venture capital fund has totalled $50 million exceeding the fund's initial capacity. additional approvals for hawaii and indiana were announced earlier this week. the second program i oversee is the small business lending fund, providing capital to institutions with assets over $10 million.