`
`
`
`
`
`
`
`
`Best Practices and Guidelines
`for
`Location-Based Services
`
`
`
`
`
`
`
`
`
`
`
`
`Version 2.0
`
`Effective Date: March 23, 2010
`
`
`
`
`
`CTIA – Best Practices and Guidelines for Location Based Services
`
`Ruiz Food Products, Inc.
`Exhibit 1008
`
`

`

`
`
`
`
`
`
`CTIA’s Best Practices and Guidelines for Location Based Services
`
`TABLE OF CONTENTS
`
`
`Section 1 - Purpose ..................................................................................................................... 1
`Section 2 – Applicability ............................................................................................................ 1
`Section 3 – Scope of Coverage ................................................................................................... 2
`Section 4 - Specific Guidelines................................................................................................... 3
`A. Notice............................................................................................................................ 3
`B. Consent.......................................................................................................................... 5
`1. Form of Consent ........................................................................................................ 5
`2. Account Holder Consent............................................................................................ 5
`3. Revocation of Consent............................................................................................... 6
`C. Safeguards ..................................................................................................................... 7
`1. Security of Location Information............................................................................... 7
`2. Retention and Storage of Location Information ........................................................ 7
`3. Reporting Abuse ........................................................................................................ 7
`4. Compliance with Laws .............................................................................................. 7
`5. Education ................................................................................................................... 7
`6. Innovation .................................................................................................................. 8
`7. Compliance with Guidelines...................................................................................... 8
`Appendix – Additional References:.................................................................................... 8
`
` *
`
` The examples provided in the Guidelines are illustrative only and are not meant to indicate
`that LBS Providers must provide the features or services described in the examples.
`
`
`
`- i -
`
`
`
`Ruiz Food Products, Inc.
`Exhibit 1008
`
`

`

`
`
`
`
`
`
`Section 1 - Purpose
`
`CTIA Best Practices and Guidelines (“Guidelines”) are intended to promote and protect user
`privacy as new and exciting Location-Based Services (“LBS”) are developed and deployed.
`Location Based Services have one thing in common regardless of the underlying technology –
`they rely on, use or incorporate the location of a device to provide or enhance a service.
`Accordingly, the Guidelines are technology-neutral and apply regardless of the technology or
`mobile device used or the business model employed to provide LBS (e.g., a downloaded
`application, a web-based service, etc.).
`
`The Guidelines primarily focus on the user whose location information is used or disclosed. It is
`the user whose privacy is most at risk if location information is misused or disclosed without
`authorization or knowledge. Because there are many potential participants who play some role
`in delivery of LBS to users (e.g., an application creator/provider, an aggregator of location
`information, a carrier providing network location information, etc.), the Guidelines adopt a user
`perspective to clearly identify which entity in the LBS value chain is obligated to comply with
`the Guidelines. Throughout the Guidelines, that entity is referred to as the LBS Provider.
`
`The Guidelines rely on two fundamental principles: user notice and consent.
`
`
`• First, LBS Providers must ensure that users receive meaningful notice about how
`location information will be used, disclosed and protected so that users can make
`informed decisions whether or not to use the LBS and thus will have control over
`their location information.
`
`
`
`• Second, LBS Providers must ensure that users consent to the use or disclosure of
`location information, and LBS Providers bear the burden of demonstrating such
`consent. Users must have the right to revoke consent or terminate the LBS at any
`time.
`
`
`Users should have confidence when obtaining an LBS from those LBS Providers that have
`adopted the Guidelines that their location information will be protected and used or disclosed
`only as described in LBS Provider notices. By receiving notice and providing consent consistent
`with these Guidelines, users will maintain control over their location information. The
`Guidelines encourage LBS Providers to develop and deploy new technology to empower users to
`exercise control over their location information and to find ways to deliver effective notice and
`obtain consent regardless of the device or technology used or business model employed.
`
`
`Section 2 – Applicability
`
`The Guidelines apply to LBS Providers. The following examples identify common situations
`and illustrate who is and is not an LBS Provider with obligations under the Guidelines.
`
`
`
`Best Practices and Guidelines for Location-Based Services
`
`- 1 -
`
`Ruiz Food Products, Inc.
`Exhibit 1008
`
`

`

`
`
`
`
`
`
`Examples of LBS Providers:
`
`Example 1. A wireless carrier is the LBS Provider when it directly
`provides account holders or users an enhanced 411 LBS to locate
`nearby businesses.
`
`Example 2. An application developer that provides the service for
`a downloadable LBS application (e.g., turn-by-turn driving) that is
`offered through an application storefront is the LBS Provider; a
`wireless carrier that provides user location information to that
`application developer for use in the LBS (e.g., through incidental
`assistance to the device’s A-GPS or through other network data) is
`not an LBS Provider.
`
`Example 3. A device manufacturer that pre-loads its own
`manufacturer-branded LBS application (e.g., a proprietary social
`networking application)
`is
`the LBS Provider; a device
`manufacturer that merely includes location enabled technology
`(e.g., A-GPS) on the device to support other applications and
`services, is not an LBS Provider.
`
`Example 4. An entity that merely enables application providers to
`access location information from multiple wireless carriers (i.e.,
`an aggregator) is not an LBS Provider, nor are the wireless
`carriers LBS Providers; instead, a party that uses an aggregator’s
`data to make an LBS available to users is the LBS Provider.
`
`Example 5. A wireless carrier that provides its customers “on-
`deck” access to a mapping service provided by a separate software
`developer is not the LBS Provider even if it provides the location
`information used by the third party; instead, the software
`developer is the LBS Provider.
`
`Caveat: The examples are illustrative only and do not imply that
`compliance with the Guidelines alone permits such uses or
`services. The terms on which access to location information is
`made available from wireless carriers to third parties, or the terms
`under which applications are made available to users, are beyond
`the scope of the Guidelines.
`
`
`
`Section 3 – Scope of Coverage
`The Guidelines apply whenever location information is linked by the LBS Provider to a specific
`device (e.g., linked by phone number, userID) or a specific person (e.g., linked by name or other
`unique identifier).
`
`Best Practices and Guidelines for Location-Based Services
`
`- 2 -
`
`Ruiz Food Products, Inc.
`Exhibit 1008
`
`

`

`
`
`
`
`
`
`The Guidelines do not apply to location information used or disclosed:
`
`•
`
`• as authorized or required by applicable law (e.g., to respond to emergencies,
`E911, or legal process);
`to protect the rights and property of LBS Providers, users or other providers of
`location information;
`for testing or maintenance in the normal operation of any network or LBS; or
`in the form of aggregate or anonymous data.
`
`•
`•
`
`
`
`Section 4 - Specific Guidelines
`
`A. Notice
`
`An important element of the Guidelines is notice. LBS Providers must ensure that potential
`users are informed about how their location information will be used, disclosed and protected so
`that they can make informed decisions whether or not to use the LBS, giving the user ultimate
`control over their location information.
`
`The Guidelines do not dictate the form, placement, terminology used or manner of delivery of
`notices. LBS Providers may use written, electronic or oral notice so long as users have an
`opportunity to be fully informed of LBS Providers’ information practices. Any notice must be
`provided in plain language and be understandable. It must not be misleading, and if combined
`with other terms or conditions, the LBS portion must be conspicuous.
`
`If, after having obtained consent, LBS Providers want to use location information for a new or
`materially different purpose not disclosed in the original notice, they must provide users with
`further notice and obtain consent to the new or other use.
`
`LBS Providers must inform users how long any location information will be retained, if at all. If
`it is not practicable to provide an exact retention period, because, for example, the retention
`period depends on particular circumstances, the LBS Provider may explain that to users when
`disclosing its retention policies.
`
`LBS Providers that use location information to create aggregate or anonymous data by removing
`or permanently obscuring information that identifies a specific device or user must nevertheless
`provide notice of the use.
`
`Example 6. An LBS Provider could create a dataset of mobile
`Internet users registered in a particular geographic or coverage
`area by removing or “hashing” information that identifies
`individual users from the dataset so that the LBS Provider could
`provide location-sensitive traffic management information or
`content to a highway safety organization. Notice that the LBS
`Provider creates or uses aggregate or anonymous data is required.
`
`Best Practices and Guidelines for Location-Based Services
`
`- 3 -
`
`Ruiz Food Products, Inc.
`Exhibit 1008
`
`

`

`
`
`
`
`
`
`LBS Providers that share location information with third parties must disclose what information
`will be provided and to what types of third parties so that users can understand what risks may be
`associated with such disclosures.
`
`LBS Providers must inform users how they may terminate the LBS, and the implications of
`doing so. LBS Providers also must ensure that any privacy options or controls available to users
`to restrict use or disclosure of location information by or to others are explained to users.
`
`
`Example 7. An LBS Provider that offers a social networking
`service might provide a mechanism for the user to establish
`permissions for when, where and to whom his or her location
`information will be disclosed. The notice to the user could include
`a statement to the effect:
`
`“You control who will receive your location information. In
`‘settings’ on the menu, you can select contacts you wish to block or
`enable all the time, or you can select a manual option to review a
`list of contacts each time you disclose your location.”
`
`
`LBS Providers must periodically remind users when their location information may be shared
`with others and of the users’ location privacy options, if any. The form, placement, terminology
`used, manner of delivery, timing and frequency of such notice depends on the nature of the LBS.
`For example, one would expect more reminders when the service involves frequent sharing of
`location information with third parties and fewer reminders, if any, when the service involves
`one-time, user-initiated concierge service calls (e.g., locating a nearby service). In addition,
`depending on the circumstances, the use of an icon or other symbol to disclose when location
`information may be shared may be a more effective means of reminding consumers than a
`written notice.
`
`In some circumstances, account holders (as opposed to users) may control the installation and
`operation of LBS. In addition to providing notice to the account holder, LBS Providers still
`must ensure that notice is provided to each user or device that location information is being used
`by or disclosed to the account holder or others. Once again, the content, timing and frequency of
`such notice depends on the nature of the LBS.
`
`
`
`Example 8. An LBS Provider provides an LBS to a business
`customer with multiple devices used by employees in the field. The
`LBS Provider could satisfy its notice obligation by direct notice to
`each device that location information is being provided to the
`business customer. Alternatively, pursuant to a contractual
`obligation between the LBS Provider and the business customer to
`do so, the business customer could inform its employees that it will
`receive user location information.
`
`Best Practices and Guidelines for Location-Based Services
`
`- 4 -
`
`
`
`
`
`Ruiz Food Products, Inc.
`Exhibit 1008
`
`

`

`
`
`
`
`
`
`
`
`B. Consent
`
`1. Form of Consent
`
`LBS Providers must obtain user consent to the use or disclosure of location information before
`initiating an LBS (except in the circumstances described below where consent is obtained from
`account holders and users are informed of such use or disclosure). The form of consent may
`vary with the type of service or other circumstances, but LBS Providers bear the burden of
`establishing that consent to the use or disclosure of location information has been obtained
`before initiating an LBS.
`
`The Guidelines do not dictate the form, placement, terminology used, or manner of obtaining
`consent as long as the consent is informed and based on notice consistent with the requirements
`set forth in the Notice section above. Consent may be implicit, such as when users request a
`service that obviously relies on the location of their device. Notice may be contained in the terms
`and conditions of service for an LBS to which users subscribe. Users may manifest consent to
`those terms and conditions electronically by clicking "I accept"; verbally by authorizing the
`disclosure to a customer service representative; through an IVR system or any other system
`reasonably calculated to confirm consent. Pre-checked boxes that automatically opt users in to
`location information disclosure, or, choice mechanisms that are buried within a lengthy privacy
`policy or a uniform licensing agreement ordinarily would be insufficient to express user consent.
`
`2. Account Holder Consent
`In some cases, where the actual user is different than the account holder, an account holder may
`control the installation and operation of LBS (e.g., business account holder utilizing LBS for
`fleet management; parental account holder providing phones for childrens’ use). Under these
`circumstances, the appropriate consent may be obtained solely from the account holder. As
`noted above, however, LBS Providers still must ensure that notice is provided to each user or
`device that location information is being used by or disclosed to the account holder or others.
`
`
`The following examples are illustrative of account holder consent
`upon which the LBS Provider may rely to use or disclose users’
`location:
`
`Example 9. Fleet Tracking/Employee Monitoring: A business
`entity purchases multiple lines to permit tracking employee
`locations to provide for rapid response repair service, just-in-time
`delivery, or fleet management.
`
`Example 10. Public Safety: The LBS Provider enters into an
`agreement with a public safety organization to provide monitoring
`compliance with terms of supervised release and house arrest,
`terms of bail for bondsmen, protecting public officials on duty, or
`military force movements.
`
`Best Practices and Guidelines for Location-Based Services
`
`- 5 -
`
`Ruiz Food Products, Inc.
`Exhibit 1008
`
`

`

`
`
`
`
`
`
`
`Example 11. Parental Controls: The LBS Provider offers a
`service to notify parents when a child arrives at or leaves a
`designated place.
`
`Example 12. Family Safety: The LBS Provider offers a family
`safety feature to locate family members in an emergency or other
`specified circumstances.
`
`
`
`3. Revocation of Consent
`
`LBS Providers must allow users to revoke their prior consent to use or disclose location
`information to all or specified groups or persons.
`
`
`Example 13. User signs up with an LBS Provider for a service
`that provides updates regarding user’s location to a group of
`“friends” designated by the user. The LBS Provider must provide
`reasonable mechanisms for the user to discontinue such location
`sharing with the group at a later date.
`
`
`
`Where technically feasible, LBS Providers may provide for selective termination or restriction of
`an LBS upon account holder request. An account holder may revoke or terminate all or a portion
`of any users’ consent to an LBS.
`
`
`Example 14. User signs up with an LBS Provider for a service
`that requires user’s wireless carrier to periodically disclose user’s
`location information to LBS Provider. User is a minor and the
`mobile device is one of several on the account of the wireless
`carrier’s account holder who, through controls provided by the
`LBS Provider or upon request to the LBS Provider, decides to
`block the LBS or disclosure of user’s location information to third
`parties. The account holder’s election with the LBS Provider
`revokes the user’s consent.
`
`Similarly, revocation of consent also occurs when certain controls
`for sharing location information are provided by a wireless
`carrier, and the account holder of the wireless carrier has decided
`to block disclosure of a user’s location information to third parties
`for a line on the account holder’s account.
`
`
`
`The Guidelines do not dictate terms of service that LBS Providers must offer to users with regard
`to an LBS. Nor do the Guidelines dictate any technical implementation for terminating or
`restricting an LBS.
`
`Best Practices and Guidelines for Location-Based Services
`
`- 6 -
`
`Ruiz Food Products, Inc.
`Exhibit 1008
`
`

`

`
`
`
`
`C. Safeguards
`
`
`
`
`
`1. Security of Location Information
`
`LBS Providers must employ reasonable administrative, physical and/or technical safeguards to
`protect a user’s location information from unauthorized access, alteration, destruction, use or
`disclosure. LBS Providers should use contractual measures when appropriate to protect the
`security, integrity and privacy of user location information.
`
`2. Retention and Storage of Location Information
`
`LBS Providers should retain user location information only as long as business needs require,
`and then must destroy or render unreadable such information on disposal. If it is necessary to
`retain location information for long-term use, where feasible, LBS Providers should convert
`location information to aggregate or anonymized data.
`
`3. Reporting Abuse
`
`LBS Providers should provide a resource for users to report abuse and provide a process that can
`address that abuse in a timely manner.
`
`4. Compliance with Laws
`
`LBS Providers must comply with applicable laws regarding the use and disclosure of location
`information, and in particular, laws regarding the protection of minors. In addition, it is
`recommended that LBS Providers comply with applicable industry best practices and model
`codes.
`
`5. Education
`
`In addition to any notices required under the Guidelines, LBS Providers certifying under the
`Guidelines will work with CTIA in an education campaign to inform users regarding the
`responsible use of LBS and the privacy and other risks associated with the disclosure of location
`information to unauthorized or unknown third parties. All entities involved in the delivery of
`LBS, including wireless carriers, device manufacturers, operating system developers, application
`aggregators and storefront providers, should work to educate users about the location capabilities
`of the devices, systems, and applications they use as well as to inform them of the various
`privacy protections available.
`
`
`Best Practices and Guidelines for Location-Based Services
`
`- 7 -
`
`Ruiz Food Products, Inc.
`Exhibit 1008
`
`

`

`
`
`6. Innovation
`
`
`
`
`
`LBS Providers develop and deploy technology to empower users to exercise control over their
`location information and to find ways to deliver effective notice and obtain consent regardless of
`the device or technology used or business model employed.
`
`
`7. Compliance with Guidelines
`
`LBS Providers that comply with the Guidelines may self-certify such compliance by placing the
`following statement in their marketing or promotional materials:
`
`
`LBS Provider follows CTIA’s Best Practices and Guidelines
`for Location-Based Services.
`
`
`
`
`
`
`
`
`
`Appendix – Additional References
`
`CTIA has collected a variety of Location Based Services Privacy Policies that demonstrate the
`application of these Best Practices. These policies are available at:
`
`http://www.ctia.org/business_resources/wic/index.cfm/AID/11924
`
`
`
`Best Practices and Guidelines for Location-Based Services
`
`- 8 -
`
`Ruiz Food Products, Inc.
`Exhibit 1008
`
`