U.S. Congress Launches Inquiry Into iOS Apps' Privacy Lapse

Social Media

Share this Post

Members of Congress are done waiting around on Apple to take up the casual offer from Sen. Charles Schumer to discuss the recently reported loophole in iPhone apps that gives developers access to users' contact list and private photos. Henry A. Waxman, the ranking member of the Energy and Commerce Committee, and G.K. Butterfield, the ranking member of the Commerce, Manufacturing, and Trade Subcomittee, sent letters to 34 vendors of social apps for Apple's iOS devices regarding their policies on collecting information from users.

Earlier this month, the New York Times conducted an experiment that discovered apps that acquired permission by the user to use the phone's current location allowed the app developer to also access the user's personal info, contact list, and photographs without the user's consent or knowledge.

Recipients included the likes of Apple CEO Tim Cook, who received a previous letter from Rep. Waxman and Rep. Butterfield on March 14 seeking answers over said privacy problems, Foodspotting CEO Alexa Andrzejewski, Twitter CEO Dick Costolo, Foursquare co-founder Dennis Crowley, Path CEO Dave Morin, Hipster founder Doug Ludlow, Pinterest CEO Ben Silbermann, and a host of other people associated with apps and websites you're likely to recognize.

The letters, which were nearly identical for each recipient, include potentially incendiary questions about the app's user statistics - something I'd be surprised to see the app bosses readily hand over. Some examples:

  • Did you have a privacy policy in place for your iOS app at the end of February 2012? If so, please tell us when your iOS app was first made available in Apple's App Store and when you first had a privacy policy in place. In addition, please describe how that policy is made available to your app users and please provide a copy of the most recent policy.
  • Have you at any time stored information from or about a users' address book? If so, which field? Also, please describe all measures taken to protect or secure that information during storage and thee periods of time during which those measures were in effect.
  • To the extent you store any address book information or any of the information in question 5, please describe all purposes for which you store or use that information, the length of time for which you keep it, and your policies regarding sharing of that information.
  • Expect a lot of deferrals to a Terms of Service page from several if not all of these app developers. Curiously, no mention of Android or Google is made in the letters despite Android apps being found to also be guilty of allowing apps with the photo-accessing loophole to be distributed through Google Play née Android Market.