This article is from the source 'guardian' and was first published or seen on . It last changed over 40 days ago and won't be checked again for changes.
You can find the current article at its original source at http://www.guardian.co.uk/technology/appsblog/2012/mar/23/apple-iphone-apps-privacy-letters
The article has changed 3 times. There is an RSS feed of changes available.
| Version 0 | Version 1 |
|---|---|
| Apple and iPhone app developers face privacy questions from US Congress | Apple and iPhone app developers face privacy questions from US Congress |
| (7 months later) | |
| Two US Congressmen have written to Apple and 33 publishers of social iPhone apps requesting details on how they gather, store and use data on their users, as the row over apps privacy rumbles on. | Two US Congressmen have written to Apple and 33 publishers of social iPhone apps requesting details on how they gather, store and use data on their users, as the row over apps privacy rumbles on. |
| The pair – Henry A. Waxman and G.K. Butterfield – sit respectively on the Congress' energy and commerce committee and its commerce, manufacturing and trade subcommittee. | The pair – Henry A. Waxman and G.K. Butterfield – sit respectively on the Congress' energy and commerce committee and its commerce, manufacturing and trade subcommittee. |
| They are looking for answers following the controversy earlier this year around apps uploading their users' iPhone address books to their servers without asking permission. | They are looking for answers following the controversy earlier this year around apps uploading their users' iPhone address books to their servers without asking permission. |
| Apple chief executive Tim Cook is receiving one of the letters due to his company publishing the Find My Friends app – Apple is separately being questioned by the congressmen over its wider iOS privacy-protection policies. | Apple chief executive Tim Cook is receiving one of the letters due to his company publishing the Find My Friends app – Apple is separately being questioned by the congressmen over its wider iOS privacy-protection policies. |
| The letters are also being sent to some of the most prominent figures and companies in the social networking and mobile industries: Facebook's Mark Zuckerberg, LinkedIn's Jeff Weiner, Twitter's Dick Costolo, Foursquare's Dennis Crowley, Instagram's Kevin Systrom and Pinterest's Ben Silbermann. | The letters are also being sent to some of the most prominent figures and companies in the social networking and mobile industries: Facebook's Mark Zuckerberg, LinkedIn's Jeff Weiner, Twitter's Dick Costolo, Foursquare's Dennis Crowley, Instagram's Kevin Systrom and Pinterest's Ben Silbermann. |
| Path chief executive Dave Morin is also getting a letter. His company's app was the first to be fingered publicly for address-book uploading, although it soon emerged that many more apps were doing the same thing. | Path chief executive Dave Morin is also getting a letter. His company's app was the first to be fingered publicly for address-book uploading, although it soon emerged that many more apps were doing the same thing. |
| The other companies receiving letters are Foodspotting, Synthetic, Turntable.fm, Quora, Eye2i, Tapbots, Remixation, Schematic Labs, Massive Health, Trover, District Nerds, SoundCloud, Hipster, Forkly, Tiny Review, Fashism, Banjo, Localmind, Redaranj, Ness Computing, Socialcam, Piictu, Stamped, Glancee, d3i and SK Planet. | The other companies receiving letters are Foodspotting, Synthetic, Turntable.fm, Quora, Eye2i, Tapbots, Remixation, Schematic Labs, Massive Health, Trover, District Nerds, SoundCloud, Hipster, Forkly, Tiny Review, Fashism, Banjo, Localmind, Redaranj, Ness Computing, Socialcam, Piictu, Stamped, Glancee, d3i and SK Planet. |
| These companies aren't being accused of malpractice, it should be noted. "The apps were selected for the inquiry based on their inclusion in the 'Social Networking' subcategory within the 'iPhone Essentials' area of Apple's App Store," explain the congressmen. | These companies aren't being accused of malpractice, it should be noted. "The apps were selected for the inquiry based on their inclusion in the 'Social Networking' subcategory within the 'iPhone Essentials' area of Apple's App Store," explain the congressmen. |
| "The members want the information to begin building a fact-based understanding of the privacy and security practices in the app marketplace." | "The members want the information to begin building a fact-based understanding of the privacy and security practices in the app marketplace." |
| Each developer is asked nine questions about their app, how they deal with user data, and what privacy policies they have in place. Written responses are required by 12 April. | Each developer is asked nine questions about their app, how they deal with user data, and what privacy policies they have in place. Written responses are required by 12 April. |
| Rivals (and journalists) will be looking forward to the answers to the first question: "Through the end of February 201 2, how many times was your iOS app downloaded from Apple's App Store?" | Rivals (and journalists) will be looking forward to the answers to the first question: "Through the end of February 201 2, how many times was your iOS app downloaded from Apple's App Store?" |
| For now, the enquiry seems to be focused on iOS apps specifically, rather than those on rival platforms like Android, Windows Phone and BlackBerry. | For now, the enquiry seems to be focused on iOS apps specifically, rather than those on rival platforms like Android, Windows Phone and BlackBerry. |
| Action is already being taken outside this enquiry, though. After the initial story about uploading contacts broke, Path and its rivals quickly pushed out updates to their apps to make it clear what information was being uploaded and why. | Action is already being taken outside this enquiry, though. After the initial story about uploading contacts broke, Path and its rivals quickly pushed out updates to their apps to make it clear what information was being uploaded and why. |
| In February 2012, the Californian attorney general brokered an agreement with Apple, Google, Microsoft, RIM, Amazon and HP to force apps developers to be upfront with their privacy policies. The app store owners also agreed to offer ways for their users to report apps that don't comply. | In February 2012, the Californian attorney general brokered an agreement with Apple, Google, Microsoft, RIM, Amazon and HP to force apps developers to be upfront with their privacy policies. The app store owners also agreed to offer ways for their users to report apps that don't comply. |
| Meanwhile, earlier in February, the US Federal Trade Commission made its own recommendation that app stores and developers must provide clearer privacy policies for apps aimed at children. | Meanwhile, earlier in February, the US Federal Trade Commission made its own recommendation that app stores and developers must provide clearer privacy policies for apps aimed at children. |
| "Companies that operate in the mobile marketplace provide great benefits, but they must step up to the plate and provide easily accessible, basic information, so that parents can make informed decisions about the apps their kids use," said FTC chairman Jon Leibowitz at the time. | "Companies that operate in the mobile marketplace provide great benefits, but they must step up to the plate and provide easily accessible, basic information, so that parents can make informed decisions about the apps their kids use," said FTC chairman Jon Leibowitz at the time. |
| "Right now, it is almost impossible to figure out which apps collect data and what they do with it. The kids app ecosystem needs to wake up, and we want to work collaboratively with industry to help ensure parents have the information they need." | "Right now, it is almost impossible to figure out which apps collect data and what they do with it. The kids app ecosystem needs to wake up, and we want to work collaboratively with industry to help ensure parents have the information they need." |
| As the congressional letters sent out this week show, the pressure for this awakening process is now being applied to a much wider cross-section of the apps industry. | As the congressional letters sent out this week show, the pressure for this awakening process is now being applied to a much wider cross-section of the apps industry. |
| Comments | |
| 24 comments, displaying first | |
| 23 March 2012 9:57AM | |
| I think our own Information Commissioner needs to get to the bottom of this too. Recently we went and stayed in a lovely B&B to attend a wedding and the owner asked me if I would do a Trip Advisor review. I was happy to, but had never used TA before. | |
| So when I try to do the review TA asked me if I was to log in with my facebook account - I have a limited number of friends, don't really use it a great deal and keep my profile private; i.e. all it shows is my name, my gender and my location. However the TA 'app' says that once you log in with this, it will make available:-your email, profile, education, checkins, events, likes and more worrying, your friends education, likes, locations, work histories etc. | |
| Whilst if I had agreed to use the facebook login for Trip Advisor "I" consent to that data being given (in fact I chose not to login with facebook for that reason), I do not, or at least I did not believe, that when I befriended someone on Facebook that that friend then has the right to give away my data to Trip Advisor. I presume this is the same for other 'applications' and on the face of it seems a total invasion of privacy. | |
| Link to this comment: | |
| 23 March 2012 10:10AM | |
| Wholly agree, I am sick to death of getting a plethora of , mostly American based, spam. Its self evident that theses people are getting email addresses from the likes of Facebook, although they are by no means alone. I object to the never ending round of paper through my letterbox and phone calls I don't want, let alone the spam. Yes I know that some of can be stopped and I do request removal from data bases, however, the question is how the hell did they get the details in the first place. | |
| Link to this comment: | |
| 23 March 2012 10:20AM | |
| Having to sign into sites/apps via Facebook is a pain. If I wanted to let people know what I was doing I'd tell them, I don't want my entire viewing history on Netflix, or listening history on Spotify known to the world. | |
| There's usually a non-Facebook way of signing in, but it never seems to be as prominent as the Facebook sign in. | |
| It's something that's become a lot more prevalent over the last few months and it annoys the hell out of me. | |
| Link to this comment: | |
| 23 March 2012 10:29AM | |
| Its self evident that theses people are getting email addresses from the likes of Facebook, | |
| You can prevent your details leaking via friends who use apps: | |
| Go to privacy settings Choose the Apps section Choose How people bring your info to apps they use Tick everything off and Save. | |
| Link to this comment: | |
| 23 March 2012 10:32AM | |
| Thanks rquick. So I have turned it all off. presumably, now Trip Advisor (should a friend sign in) can't take any of my data with them? | |
| Link to this comment: | |
| 23 March 2012 10:35AM | |
| Theoretically, no. But, it's Facebook, so you never know for sure. | |
| Link to this comment: | |
| 23 March 2012 10:37AM | |
| "Six Degrees of Kevin Bacon" We are all connected to each other more than we imagine. Indeed until just a few decades ago everyone knew everyone elses business; front doors left open, working together to provide for each other, who was sleeping with whom, who really was the father of each child. There were always a few who tried to hide; those 19th century census entries in which respondents gave inaccurate details of their origins so as not to be sent back to the workhouse. Then something changed such that social mobility became the norm and with it we became more anxious about what other people knew about us. We all become like those obfuscators of census details. And now we care desparately who knows our business --- despite much of it being a matter of public record (which by the way is the reason banks asking for mother's maiden name is a pointless security question). | |
| It is not what personal information is collected about us. The real issues are who and why it is collected. No I don't want "targetted ads" thank you very much Google; just because I researched Shipman does not mean I want a yacht or West want a compass. I don't want "you'll like these recommendations" thank you very much Amazon --- just because I bought one book by an author or on a specific topic does not mean I want 300 more. Because I live in Scotland or London or Bristol or Southampton does not mean I want products on sale there. I don't want any of those things thank you very much; when I do want them I'll ask real people their real opinions. | |
| My information is mine. If anyone is to profit from it then its me; not Google, Amazon, Apple. (TwitFace already can't because I don't use them.) It is not a commodity to be trade like some sub-prime mortgage. If someone wants it then they'll have to pay ... me. And that goes for market "researchers", want my opinion pay for it, don't phone me on my ex-directory line and expect me to be generous. | |
| Oh yes, my personal "Six Degrees"? 6 as it happens; inherited through people I've done business with over the years. Does that mean I have his ear and can get your script read? Not a chance. | |
| Link to this comment: | |
| 23 March 2012 10:38AM | |
| http://www.technixupdate.com/stop-facebook-friends-to-share-your-online-data-information-with-apps-websites/ | |
| Link to this comment: | |
| 23 March 2012 10:45AM | |
| Thanks again Rquick. Most casual users of FB wouldn't reaslise that their data is being shared by their friends. The default position should be off (i.e. opt in). | |
| I don't use apps so have disabled all as per your instructions. Definitely an area that the Info Comm should put effort into researching and educating the causal facebook users about imho, and pressing FB to make the default position off. | |
| Link to this comment: | |
| 23 March 2012 10:52AM | |
| No one will get my email address from Facebook. I created a one-time use email to set up the account. And none of my contact details are in the account. All of my 'real' friends on Facebook know my email address and phone number. | |
| And I never sign into a site using my Facebook account. | |
| Link to this comment: | |
| 23 March 2012 11:00AM | |
| I use a disposable Yahoo e-mail especially for FB. As soon as I start getting spam on that account, I simply kill it, and create a new one. Up till now I haven't received any spam, but then I got everything ticked off to not leak any info to friend's apps. | |
| Disposable means you have a base and can add something to it. Say, base is johndoe and you add 01 to it, so you get something like johndoe01@yahoo.co.uk. If you use a different addition per site where you register, you'll know immediatly where the spam comes from, and kill that address and create a new extension, so the address becomes johndoe02@yahoo.co.uk (for instance). Prety nifty feature of Yahoo. | |
| Link to this comment: | |
| 23 March 2012 11:06AM | |
| That's a good method, rquick. As I manage my own domain names and mailboxes I have unlimited aliases available, so if I sign up for something like the L.A.Times web site, the address is latimes@domain.com. My facebook account address is facebook@domain.com and so on. These forward to my regular address, so if I get spam I can just look and see what organisation/web site the email is from in the header. | |
| Link to this comment: | |
| 23 March 2012 12:27PM | |
| Cant understand why Cr.apple is not investigated for their policies in terms of which software they allow to run on their gadgets eg flash, wmv etc. Remember microsoft windows and the EU fines for monopoly etc.? At the moment it just means that until you jailhouse break your ipad it is basically a overpriced, useless, piece of rubish. | |
| Link to this comment: | |
| 23 March 2012 12:46PM | |
| Unfortunately that list doesn't have a section for contact info so I wouldn't be surprised if email is still harvest-able by apps. Facebook aren't very explicit about what gets shared and the concessions they make are very difficult to fathom out. | |
| Link to this comment: | |
| 23 March 2012 1:01PM | |
| @rquick 11:00am re Yahoo disposable addresses: I like the concept. However, Yahoo's privacy policy was changed a few months back and it really isn't the kind of place to trust any more. Which is inconvenient for those that have got used to using it for this kind of thing (e.g. me). | |
| Link to this comment: | |
| 23 March 2012 1:43PM | |
| I don't want my entire viewing history on Netflix, or listening history on Spotify known to the world. | |
| I very much doubt if the world could give a flying one about your Netflix or Spotify history. | |
| Link to this comment: | |
| 23 March 2012 2:40PM | |
| Response to OneHandWavingFree, 23 March 2012 10:20AM | |
| I don't want my entire viewing history on Netflix, or listening history on Spotify known to the world. | |
| I very much doubt if the world could give a flying one about your Netflix or Spotify history. | |
| That's not the point (of course). The point is: whoTF knows, at the end of the day? It is a matter of principle. Companies have basically no transparency or accountability, and the little they have may be technically or judicially (big money = lawyers etc) obfuscated. That means the people and the state can "ask them nicely", and they will say "Sure, governor!" and, well, that's OK then, I guess, right - promise? | |
| Link to this comment: | |
| 23 March 2012 2:58PM | |
| Cant understand why Cr.apple is not investigated for their policies in terms of which software they allow to run on their gadgets eg flash, wmv etc. Remember microsoft windows and the EU fines for monopoly etc.? At the moment it just means that until you jailhouse break your ipad it is basically a overpriced, useless, piece of rubish. | |
| Strangely enough if Apple had their way jailbreaking would be a criminal offence. Luckily, on that occasion, the authorities saw sense. | |
| https://www.eff.org/deeplinks/2009/02/apple-says-jailbreaking-illegal | |
| Link to this comment: | |
| 23 March 2012 3:28PM | |
| So you think the EU should tell gadget manufacturers what software they should allow to run on their products? And what file formats and codecs they should support? Should Microsoft be required to allow PS3 games to run on Xbox? In a free market, any company should be free to decide the capabilities of their devices. If the market doesn't like the fact that iPads don't support Flash, or Windows doesn't run Mac OS X applications, then those devices won't sell very well. The only exception should be abuse of a monopoly position (and not the mere existence of a monopoly position). Luckily no-one, least of all Apple, has anything close to a monopoly in any segment of the gadget or PC market. | |
| Link to this comment: | |
| 23 March 2012 3:49PM | |
| There are some things that are with fighting for. What you are talking about is paranoid conspiracy theory and isn't worth a fig. | |
| Link to this comment: | |
| 23 March 2012 3:50PM | |
| "worth" not "with" | |
| Link to this comment: | |
| 23 March 2012 4:00PM | |
| There are some things that are with fighting for | |
| Sounds nice and Hollywood... | |
| conspiracy | |
| Ridiculous, boring, mis-used Hollywood C-word. Here is another: Cliché. There is no need for a Conspiracy. It's called Capitalism. Common sense, nothing more or less. | |
| Link to this comment: | |
| 23 March 2012 4:19PM | |
| Quite right. This personal data has value. A monetary value. It actually belongs to me. I can choose to share it with others in return for services. But it should always be transparent and honest. Like any other transaction. | |
| If others don't care about their data, then fine ! They are in no way affected by this honesty and transparency. | |
| Link to this comment: | |
| 23 March 2012 6:01PM | |
| The only exception should be abuse of a monopoly position (and not the mere existence of a monopoly position). Luckily no-one, least of all Apple, has anything close to a monopoly in any segment of the gadget or PC market. | |
| Did you really mean that no one has anything close to a monopoly (ie no one has "significant market power") in any segment of the gadget or PC market? I'm struggling to believe that you did, but just in case... | |
| Where (or when) can purchasers find this "free market" of which you speak? | |
| Back in 2008 the EU's Competition Commission imposed the biggest fines they'd ever imposed for abuse of monopoly. Around $2Billion. Not Apple, but Microsoft. I can't quickly find out if MS ever paid the fine or (more likely) if it's still grinding through some kind of appeal process. | |
| Similarly back in 2009 Intel were fined over $1.5billion for anti-competitive behaviour: http://news.cnet.com/8301-1001_3-10239487-92.html | |
| There may well be others. There is certainly a 2010 case where Intel were found to have bribed (sorry, "incentivised") Dell to exclusively use Intel and thus keep out AMD, though strictly speaking and rather surprisingly the US SEC's investigation was into Dell's false accounting rather than Intel's abuse of monopoly, and as such Dell not Intel were found to be the guilty party and paid the $100M fine: http://dealbook.nytimes.com/2010/07/22/dell-settles-s-e-c-accounting-suit-for-100-million/ | |
| Microsoft: | |
| The European Commission has added another €899m ($1.35bn) to the fine Microsoft must pay for failing to comply with the original anti-trust ruling in 2004. | |
| The fine covers the period from the 2004 decision to 22 October, 2007. The decision found that Microsoft was charging competitors too much for interoperability information for its servers. | |
| http://www.theregister.co.uk/2008/02/27/ec_fines_microsoft_largest_ever/ | |
| Link to this comment: | |
| Comments on this page are now closed. | |
| Turn autoplay off | |
| Turn autoplay on | |
| Please activate cookies in order to turn autoplay off | |
| Edition: UK | |
| About us | |
| Today's paper | |
| Subscribe | |
| Facebook, Twitter, Foursquare, Instagram and other startups asked to explain their data collection habits | |
| Two US Congressmen have written to Apple and 33 publishers of social iPhone apps requesting details on how they gather, store and use data on their users, as the row over apps privacy rumbles on. | |
| The pair – Henry A. Waxman and G.K. Butterfield – sit respectively on the Congress' energy and commerce committee and its commerce, manufacturing and trade subcommittee. | |
| They are looking for answers following the controversy earlier this year around apps uploading their users' iPhone address books to their servers without asking permission. | |
| Apple chief executive Tim Cook is receiving one of the letters due to his company publishing the Find My Friends app – Apple is separately being questioned by the congressmen over its wider iOS privacy-protection policies. | |
| The letters are also being sent to some of the most prominent figures and companies in the social networking and mobile industries: Facebook's Mark Zuckerberg, LinkedIn's Jeff Weiner, Twitter's Dick Costolo, Foursquare's Dennis Crowley, Instagram's Kevin Systrom and Pinterest's Ben Silbermann. | |
| Path chief executive Dave Morin is also getting a letter. His company's app was the first to be fingered publicly for address-book uploading, although it soon emerged that many more apps were doing the same thing. | |
| The other companies receiving letters are Foodspotting, Synthetic, Turntable.fm, Quora, Eye2i, Tapbots, Remixation, Schematic Labs, Massive Health, Trover, District Nerds, SoundCloud, Hipster, Forkly, Tiny Review, Fashism, Banjo, Localmind, Redaranj, Ness Computing, Socialcam, Piictu, Stamped, Glancee, d3i and SK Planet. | |
| These companies aren't being accused of malpractice, it should be noted. "The apps were selected for the inquiry based on their inclusion in the 'Social Networking' subcategory within the 'iPhone Essentials' area of Apple's App Store," explain the congressmen. | |
| "The members want the information to begin building a fact-based understanding of the privacy and security practices in the app marketplace." | |
| Each developer is asked nine questions about their app, how they deal with user data, and what privacy policies they have in place. Written responses are required by 12 April. | |
| Rivals (and journalists) will be looking forward to the answers to the first question: "Through the end of February 201 2, how many times was your iOS app downloaded from Apple's App Store?" | |
| For now, the enquiry seems to be focused on iOS apps specifically, rather than those on rival platforms like Android, Windows Phone and BlackBerry. | |
| Action is already being taken outside this enquiry, though. After the initial story about uploading contacts broke, Path and its rivals quickly pushed out updates to their apps to make it clear what information was being uploaded and why. | |
| In February 2012, the Californian attorney general brokered an agreement with Apple, Google, Microsoft, RIM, Amazon and HP to force apps developers to be upfront with their privacy policies. The app store owners also agreed to offer ways for their users to report apps that don't comply. | |
| Meanwhile, earlier in February, the US Federal Trade Commission made its own recommendation that app stores and developers must provide clearer privacy policies for apps aimed at children. | |
| "Companies that operate in the mobile marketplace provide great benefits, but they must step up to the plate and provide easily accessible, basic information, so that parents can make informed decisions about the apps their kids use," said FTC chairman Jon Leibowitz at the time. | |
| "Right now, it is almost impossible to figure out which apps collect data and what they do with it. The kids app ecosystem needs to wake up, and we want to work collaboratively with industry to help ensure parents have the information they need." | |
| As the congressional letters sent out this week show, the pressure for this awakening process is now being applied to a much wider cross-section of the apps industry. |