The Role of Satellites and Smart Devices: Data Surprises and Security, Privacy, and Regulatory Challenges

75 Pages Posted: 12 Jul 2019

See all articles by Anne Toomey McKenna

Anne Toomey McKenna

Dickinson Law School

Amy C. Gaudion

Penn State University - Dickinson Law

Jenni L. Evans

affiliation not provided to SSRN

Date Written: July 11, 2019

Abstract

Strava, a popular social media platform and mobile app like Facebook but specifically designed for athletes, posts a “heatmap” with consensually-obtained details about users’ workouts and geolocation. Strava’s heatmap depicts aggregated data of user location and movement by synthesizing GPS satellite data points and movement data from users’ smart devices together with satellite imagery. In January of 2018, a 20-year-old student tweeted that Strava’s heatmap revealed U.S. forward operating bases. The tweet revealed a significant national security issue and flagged substantial privacy and civil liberty concerns.

Smart devices, software applications, and social media platforms aggregate consumer data from multiple data collection sources, including device-embedded sensors, cameras, software, and GPS chips, as well as from consumer activities like social media posts, pictures, texts, email, and contacts. These devices and apps utilize satellite data, including GPS, as a fundamental component of their data collection arsenal. We call this little understood, across-device, across-platform, and multi-sourced data aggregation the satellite + smart device information nexus. Given the nature of the technology and data aggregation, no one escapes the satellite and smart device information nexus. We explain the technology behind both satellites and smart devices, and we examine how the satellite + smart device information nexus works. We also address how private industry’s aggregation of data through this nexus poses a threat to individual privacy, civil liberties, and national security.

In so doing, we work to fill a marked gap in the privacy and cyber-related legal literature when it comes to analyzing the technology, surveillance capabilities, law, and regulation behind government and commercial satellites together with private industry’s aggregation, use, and dissemination of geolocation and other data from the satellite + smart device information nexus. This lack of awareness about the satellite + smart device information nexus has adverse consequences on individual privacy, civil liberties, and the security of nation states; it impedes informed legislation; and it leaves courts in the dark.

A contributing factor to the lack of awareness is that commercial remote sensing and government satellites are regulated by a byzantine scheme of international laws, treaties, organizations, and domestic nation states’ laws that combine to control access to satellite data, sharing of satellite data, licensing, ownership, positioning in space, technical requirements, technical restrictions, and liability for harm caused by satellites. Although the satellite + smart device information nexus involves staggering quantities of personal information, we examine how the nexus falls outside the U.S. electronic surveillance and data legislative scheme and why it is unimpeded by privacy decisions due to a disconnect in U.S. Supreme Court decisions treating aerial surveillance differently than location tracking.

We breakdown the complex yet opaque regulatory structure governing commercial remote sensing and government satellites. We examine why the Strava event and others like it are — and will continue to be — the new norm, absent significant legislative and regulatory change. We conclude by providing a suggested roadmap for that legislative and regulatory change.

Keywords: Satellites, Privacy, Cyber, Security, Data, Smart Devices, IoT

JEL Classification: K00, K2, K20, K23, K29, K30, K33, O20, O30, O33, O38

Suggested Citation

McKenna, Anne Toomey and Gaudion, Amy C. and Evans, Jenni L., The Role of Satellites and Smart Devices: Data Surprises and Security, Privacy, and Regulatory Challenges (July 11, 2019). Penn State Law Review, Vol. 123, No. 591, 2019. Available at SSRN: https://ssrn.com/abstract=3418420

Anne Toomey McKenna (Contact Author)

Dickinson Law School ( email )

150 S College St
Carlisle, PA 17013
United States
717-241-3508 (Phone)

HOME PAGE: http://https://dickinsonlaw.psu.edu/academics/faculty/resident-faculty/anne-toomey-mckenna

Amy C. Gaudion

Penn State University - Dickinson Law ( email )

Lewis Katz Hall
150 S. College Street
Carlisle, PA 17011
United States
717-240-5216 (Phone)

HOME PAGE: http://https://dickinsonlaw.psu.edu/academics/faculty/resident-faculty/amy-gaudion

Jenni L. Evans

affiliation not provided to SSRN

Register to save articles to
your library

Register

Paper statistics

Downloads
38
Abstract Views
373
PlumX Metrics