Skip to main content

Congress Wants Answers Regarding iOS Apps and Privacy

U.S. House Energy & Commerce Committee Chairman Henry Waxman and Commerce Manufacturing and Trade Subcommittee Chair G.K. Butterfield are now asking Apple to provide information on iOS developer policies and practices when it comes to protecting the information of iPhone users and their contacts.

The request stems from a scandal involving the Path iOS app and how it supposedly saved and uploaded to remote servers all of the consumer's address book data without permission. The two claim that if Apple did indeed approve such an app, then there must be some truth to the accusations of improper address book handling and secret data storage. What's more, it's possible similar collection methods are in use by other apps also approved by Apple.

The letter, sent on Wednesday to Apple and CEO Tim Cook, quotes an article written by Dustin Curtis, Stealing Your Address Book, which claims that "there’s a quiet understanding among many iOS app developers that it is acceptable to send a user’s entire address book, without their permission." The letter also references a report claiming that app developers may store the contact details for Mark Zuckerberg, Larry Ellison and Bill Gates.

Meanwhile, developer Burbn Inc silently updated its Instagram photo sharing app to request data access when matching contacts. The update was made shortly after the data collection accusations regarding Path Inc's app began to surface.

Wednesday's letter to Tim Cook and Apple asks the following questions:

* Please describe all iOS App Guidelines that concern criteria related to the privacy and security of data that will be accessed or transmitted by an app.
* Please describe how you determine whether an app meets those criteria.
* What data do you consider to be "data about a user" that is subject to the requirement that the app obtain the user’s consent before it is transmitted?
* To the extent not addressed in the response to question 2, please describe how you determine whether an app will transmit "data about a user" and whether the consent requirement has been met.
* How many iOS apps in the U.S. iTunes Store transmit "data about a user"?
* Do you consider the contents of the address book to be "data about a user"?
* Do you consider the contents of the address book to be data of the contact? If not, please explain why not. Please explain how you protect the privacy and security interests of that contact in his or her information.
* How many iOS apps in the U.S. iTunes Store transmit information from the address book? How many of those ask for the user’s consent before transmitting their contacts’ information?
* You have built into your devices the ability to turn off in one place the transmission of location information entirely or on an app-by-app basis. Please explain why you have not done the same for address book information.

Apple retaliated by providing a public statement right after the letter was received:

"Apps that collect or transmit a user’s contact data without their prior permission are in violation of our guidelines," Apple spokesman Tom Neumayr told AllThingsD. "We’re working to make this even better for our customers, and as we have done with location services, any app wishing to access contact data will require explicit user approval in a future software release."

The company also admitted that dozens of apps have been accessing, transmitting and storing user contact without explicit permission. These apps include Twitter, Yelp and Foursquare. Now the apps ask permission to access address book data rather than take what they want unknowingly.

  • Zeppelingcdm
    "Wow sorry we got caught guys, next time we'll ask you for all your friends and families phone numbers." This crap all these big companies are trying to pull, (and getting away with it seems) not just Apple either, need to be dealt with. The day when we have nothing private from these big corporations is coming way too fast.
    Reply
  • house70
    " The two claim that if Apple did indeed approve such an app,"
    There is no app in the store that is not approved by Apple. If there were, Cydia would need no jailbreaking.
    Reply
  • EDVINASM
    Apple will now sue Samsung for giving Congress a tip :)
    Reply
  • leakingpaint
    Apple will now sue congress because of a patent they filed 40 years ago regarding the mechanisms by which you could or could not sue them regarding the privacy of things and other stuff no one understands.
    Reply
  • d-isdumb
    Maybe congress should ask their spooks in the FED why they were behind Carrier IQ.
    Reply
  • egidem
    This is precisely why I love my android phone.
    Features that an app accesses, such as calling a phone number accessing the internet or even simple actions such as vibrating the phone, will always be displayed as features that will ask for your permission first, right before you install the app. These permissions are also listed inside the app's manifest xml file.
    Reply
  • velocityg4
    Why is congress wasting their time with this? There are much bigger issues to deal with such as Obama signing the ACTA treaty without congressional approval, overspending of the government, crushing deficit, &c.

    How about focus on real issues not some companies privacy policy. If people don't like Apple's policies they can just get a Blackberry, Android, Windows Phone and so forth. But people don't have a choice when national issues are forced upon them so focus on those.

    Oh, I know why. They hope to put real issues on the back burner and deal with non-issues that no one really cares about. That way whatever the outcome they don't risk losing any votes.
    Reply
  • silver565
    I can't get over how much of a screwed up country america is. They spend their time whinging about iOS policies when their country is falling apart due to over spending.
    Reply
  • ikefu
    The politicians caught on. Apple users are more concerned with their image and phones than they are with economy crippling national debt and government/corporate corruption.
    Reply
  • This story is either stale or factually wrong.

    "U.S. House Energy & Commerce Committee Chairman Henry Waxman and Commerce Manufacturing and Trade Subcommittee Chair G.K. Butterfield"

    These are two Democrats, and the Republicans control the house.
    Reply