US Congressmen puzzled by Apple's iOS privacy policy
Just days after a sensationalist report by the LA Times suggested that Apple was spying on users' location based on an incorrect understanding of the company's revised privacy policy, two Congressmen, one a chair of the House Privacy Caucus, have demanded that the company answer a series of basic privacy questions.
The original report by David Sarno of the LA Times set off a firestorm of privacy panic three days ago after it suggested Apple was tracking iPhone users' locations in some radical new way that other devices weren't, and assumed that users were powerless to do anything about it.
Under the headline "Apple collecting, sharing iPhone users' precise locations," the article stated that the company had updated its iTunes privacy policy, adding "a paragraph noting that once users agree, Apple and unspecified 'partners and licensees' may collect and store user location data. When users attempt to download apps or media from the iTunes store, they are prompted to agree to the new terms and conditions. Until they agree, they cannot download anything through the store."
Just as the company's supplier responsibility report was turned around by a UK newspaper to make it sound like Apple had been caught violating the law and had been forced to admit that it was "using child labour" in China, the company's revised privacy policy, which transparently explains what information it collects, why, and how users can opt out of the data collection, was spun as a new attempt to spy on users in a way that forced consumers to acquiesce.
Apple may have revealed the location of a girl in 1990!
The report has since been amended twice, once to note that users can turn off Location Services entirely or on a per-app basis, while also stating "there's nothing to indicate that these settings prevent Apple itself from gathering and storing location data from Apple devices," and again two days later to acknowledge that the privacy policy change is not really new at all, but rather simply a restatement of the privacy policy contained in the company's product EULAs, which contained precise language instructing how users can withdraw their consent for system wide and per-app data collection.
What the LA Times failed to report is why the change in presenting the privacy policy was made, and how users can opt out of geographic location data used by Apple's iAd program. Formerly, Apple and third parties used Location Services solely to power features such as locating the device in Maps, Find My Phone, GPS driving directions, and similar applications. With the company's purchase of Quattro Wireless, it's now in the business of display advertising, and can potentially allow third parties to collect geographic and other user information to enable ads to provide more relevant and targeted results.
Other ad networks already do this, both on mobile ad networks like Google's AdMob, and in web advertising banners on the desktop, such as those presented by Google's DoubleClick business. Many users appear to be unaware that Google and other advertisers collect and store information about them to refine ad relevance, without ever asking for permission to use this data. Apple's approach is more cautious about the use of private user information, and more transparently presented to the user for approval, with simple controls to turn Location Services features off and opt out of location-based ads.
New Location Services features in iOS 4
in iOS 4, Apple is enabling iAd and other independent ad networks to collect private information, but limits this data collection exclusively for use in improving ad relevance. Apple's SDK rules specifically forbid developers from including code in their apps that would forward private user information to third parties for any other reason, something Jobs characterized as granting users "freedom from programs that steal your private data."
The rules also forbid developers from sending private user information from their App Store titles to Apple's competitors, presumably including Google and Microsoft, which could be used to help those companies to gain deep insight into how Apple's App Store works as a sort of industrial espionage.
Because Apple's iAd is implemented system-wide and can be used across a variety of apps, Apple now includes the privacy policy text in the user agreement for the iTunes Store in general, and forces users to acknowledge and accept the policy before downloading any new apps that may include iAds. Accepting the privacy policy wording does not mean that users have to accept that their location data will be actually used however. Users can, at any time:
Turn off Location Services off system wide (which means GPS-enabled apps won't work at all. This has always been possible)
Turn off Location Services within a specific app (preventing that app from determining the user's location; users have to first explicitly opt-in to Location Services on a per-app basis before the app can look up their location, so turning an app off is only necessary if the user has allowed the app to access location data. This is new in iOS 4)
Opt out of iAd's use of Location Services by going to Apple's "Opt Out" URL from the device: http://oo.apple.com (which will prevent iAds from using location data to customize the ads it presents in apps that use the ad network. This is also new in iOS 4, which premieres the iAd program.)
In iOS 4, Apple also highlights the active use of Location Services (whenever the device's geographic data is being accessed by an app or the system, whether using GPS or Skyhook Wireless' WiFi triangulation data for determining location) with an arrow icon in the top bar of the iPhone's screen. This extra transparency was added in part because apps can now ask the user (via the operating system) to obtain Background Location updates even when they are not running.
If the user approves, the system will track the device's location, then wake the app at regular intervals to provide it with an update it can use to trigger local actions (in the case of an app like Tasker that tracks tasks related to the user's location) or send an update to a cloud service, such as a social networking service like Loopt or Google's Latitude, which track the position of users and their friends.
In comparison, Android phones don't have a standardize system of location lookup. Google offers its own alternative to Skyhook's WiFi location, one that does not work very accurately. Android hardware vendors, however, can implement their own location services, as Motorola has in partnering with Skyhook (like Apple did back in 2007) rather than using's Google's own, flawed location system. There is, therefore, no single entity that controls how locations services work on Android, and subsequently nobody that can enforce privacy policy on behalf of users as Apple does on its iOS platform.
Are you now or have you ever been a member of the Location Services Party?
Despite Apple's clear and unambiguous disclosure of its privacy policy, which seeks to safeguard users' privacy on a level that other smartphone platforms do not, the Washington Post reports that Congressmen Edward J. Markey (D-Mass.) and Joe Barton (R-Texas), the co-chairman of the "House Bi-Partisan Privacy Caucus," have "sent a letter to Apple CEO Steve Jobs asking about recent press reports that the company has updated its privacy policies to alert users that it is collecting and using information about users' precise geographic location."
The letter asks the company to "please explain in detail why Apple decided to begin collecting location data at this time, and how it intends to use the data," apparently completely ignorant of the fact that mobile and desktop ad networks have been using user data, including location data, for years without disclosing this to the user in an accessible, transparent manner.
The letter also asks if Apple is "sharing consumer location information collected through iPhones and iPads with AT&T or other telecommunications carriers," as if mobile operators didn't already know the location of their subscribers based on the fact that mobile devices have to identify their location to cell towers to receive service.
Apple's answers to the questions are demanded by the middle of July, at which time they are likely to be publicly published.
The original report by David Sarno of the LA Times set off a firestorm of privacy panic three days ago after it suggested Apple was tracking iPhone users' locations in some radical new way that other devices weren't, and assumed that users were powerless to do anything about it.
Under the headline "Apple collecting, sharing iPhone users' precise locations," the article stated that the company had updated its iTunes privacy policy, adding "a paragraph noting that once users agree, Apple and unspecified 'partners and licensees' may collect and store user location data. When users attempt to download apps or media from the iTunes store, they are prompted to agree to the new terms and conditions. Until they agree, they cannot download anything through the store."
Just as the company's supplier responsibility report was turned around by a UK newspaper to make it sound like Apple had been caught violating the law and had been forced to admit that it was "using child labour" in China, the company's revised privacy policy, which transparently explains what information it collects, why, and how users can opt out of the data collection, was spun as a new attempt to spy on users in a way that forced consumers to acquiesce.
Apple may have revealed the location of a girl in 1990!
The report has since been amended twice, once to note that users can turn off Location Services entirely or on a per-app basis, while also stating "there's nothing to indicate that these settings prevent Apple itself from gathering and storing location data from Apple devices," and again two days later to acknowledge that the privacy policy change is not really new at all, but rather simply a restatement of the privacy policy contained in the company's product EULAs, which contained precise language instructing how users can withdraw their consent for system wide and per-app data collection.
What the LA Times failed to report is why the change in presenting the privacy policy was made, and how users can opt out of geographic location data used by Apple's iAd program. Formerly, Apple and third parties used Location Services solely to power features such as locating the device in Maps, Find My Phone, GPS driving directions, and similar applications. With the company's purchase of Quattro Wireless, it's now in the business of display advertising, and can potentially allow third parties to collect geographic and other user information to enable ads to provide more relevant and targeted results.
Other ad networks already do this, both on mobile ad networks like Google's AdMob, and in web advertising banners on the desktop, such as those presented by Google's DoubleClick business. Many users appear to be unaware that Google and other advertisers collect and store information about them to refine ad relevance, without ever asking for permission to use this data. Apple's approach is more cautious about the use of private user information, and more transparently presented to the user for approval, with simple controls to turn Location Services features off and opt out of location-based ads.
New Location Services features in iOS 4
in iOS 4, Apple is enabling iAd and other independent ad networks to collect private information, but limits this data collection exclusively for use in improving ad relevance. Apple's SDK rules specifically forbid developers from including code in their apps that would forward private user information to third parties for any other reason, something Jobs characterized as granting users "freedom from programs that steal your private data."
The rules also forbid developers from sending private user information from their App Store titles to Apple's competitors, presumably including Google and Microsoft, which could be used to help those companies to gain deep insight into how Apple's App Store works as a sort of industrial espionage.
Because Apple's iAd is implemented system-wide and can be used across a variety of apps, Apple now includes the privacy policy text in the user agreement for the iTunes Store in general, and forces users to acknowledge and accept the policy before downloading any new apps that may include iAds. Accepting the privacy policy wording does not mean that users have to accept that their location data will be actually used however. Users can, at any time:
Turn off Location Services off system wide (which means GPS-enabled apps won't work at all. This has always been possible)
Turn off Location Services within a specific app (preventing that app from determining the user's location; users have to first explicitly opt-in to Location Services on a per-app basis before the app can look up their location, so turning an app off is only necessary if the user has allowed the app to access location data. This is new in iOS 4)
Opt out of iAd's use of Location Services by going to Apple's "Opt Out" URL from the device: http://oo.apple.com (which will prevent iAds from using location data to customize the ads it presents in apps that use the ad network. This is also new in iOS 4, which premieres the iAd program.)
In iOS 4, Apple also highlights the active use of Location Services (whenever the device's geographic data is being accessed by an app or the system, whether using GPS or Skyhook Wireless' WiFi triangulation data for determining location) with an arrow icon in the top bar of the iPhone's screen. This extra transparency was added in part because apps can now ask the user (via the operating system) to obtain Background Location updates even when they are not running.
If the user approves, the system will track the device's location, then wake the app at regular intervals to provide it with an update it can use to trigger local actions (in the case of an app like Tasker that tracks tasks related to the user's location) or send an update to a cloud service, such as a social networking service like Loopt or Google's Latitude, which track the position of users and their friends.
In comparison, Android phones don't have a standardize system of location lookup. Google offers its own alternative to Skyhook's WiFi location, one that does not work very accurately. Android hardware vendors, however, can implement their own location services, as Motorola has in partnering with Skyhook (like Apple did back in 2007) rather than using's Google's own, flawed location system. There is, therefore, no single entity that controls how locations services work on Android, and subsequently nobody that can enforce privacy policy on behalf of users as Apple does on its iOS platform.
Are you now or have you ever been a member of the Location Services Party?
Despite Apple's clear and unambiguous disclosure of its privacy policy, which seeks to safeguard users' privacy on a level that other smartphone platforms do not, the Washington Post reports that Congressmen Edward J. Markey (D-Mass.) and Joe Barton (R-Texas), the co-chairman of the "House Bi-Partisan Privacy Caucus," have "sent a letter to Apple CEO Steve Jobs asking about recent press reports that the company has updated its privacy policies to alert users that it is collecting and using information about users' precise geographic location."
The letter asks the company to "please explain in detail why Apple decided to begin collecting location data at this time, and how it intends to use the data," apparently completely ignorant of the fact that mobile and desktop ad networks have been using user data, including location data, for years without disclosing this to the user in an accessible, transparent manner.
The letter also asks if Apple is "sharing consumer location information collected through iPhones and iPads with AT&T or other telecommunications carriers," as if mobile operators didn't already know the location of their subscribers based on the fact that mobile devices have to identify their location to cell towers to receive service.
Apple's answers to the questions are demanded by the middle of July, at which time they are likely to be publicly published.
Comments
Are you now or have you ever been a member of the Location Services Party?
Nice!
Apple may have revealed the location of a girl in 1990!
This one was too esoteric for me.
As the article states above ...... "completely ignorant" ....... the ongoing problem with the Federal Government.
So let me get this straight. Apple has clear, defined language specifying what data they are collecting and what they are using the data for, and that it is anonymous. They also have clear, defined language specifying the user's right to opt out of said data collection and a clear, defined procedure on how to opt out. Where, again, is the confusion?
yeah, the way advertising companies collects data to target users are really creepy if you put it into words and say it out loud. I never understood how there's no mandatory opt-out mechanism.
The letter asks the company to "please explain in detail why Apple decided to begin collecting location data at this time, and how it intends to use the data," apparently completely ignorant of the fact that mobile and desktop ad networks have been using user data, including location data, for years without disclosing this to the user in an accessible, transparent manner.
As the article states above ...... "completely ignorant" ....... the ongoing problem with the Federal Government.
I agree with that. However I would like to point out that Google has spent a small fortune lately lobbying in Washington. Perhaps Apple should do the same?
Always good to have a few senators and judges in your pocket -ask BP!
Don't these politicians have other businesses to mess with?
of course they do?or they should.
i'm sure it's one of apple's competitors who are nudging their pocket politicians into creating more bad press for apple.
why isn't congress looking into the privacy policies of facebook and google?
why isn't congress looking into the privacy policies of facebook and google?
Facebook has no money and Google already pays them money.
... I never understood how there's no mandatory opt-out mechanism.
I never understood why it's not mandatory that one opt in before they can collect data about you. (And, please, lets not hear the counterargument that you "opt in" by using apps and websites that track you. There is no honest and full disclosure about what they are doing, so you can't be construed as giving consent to something you don't even understand is happening. We all know that the reason no one will voluntarily adopt an opt in policy is that no one would ever opt into it.)
On the other hand, this investigation could end up being a good thing. I think most people in Congress are completely ignorant about what's going on. I think it's also likely that Apple's response will point out all the other ad networks that are doing things well beyond what they are, and not being nearly as transparent about it. Perhaps this will serve as a wake-up call to Congress that it's time to do something real to protect the privacy of American citizens. A corporate TIA program is just as big a danger as a government TIA program, perhaps more so, since corporations are even less accountable.
So let me get this straight. Apple has clear, defined language specifying what data they are collecting and what they are using the data for, and that it is anonymous. They also have clear, defined language specifying the user's right to opt out of said data collection and a clear, defined procedure on how to opt out. Where, again, is the confusion?
The confusion is that these old fart Congressmen have Apple confused with Google.
Of course, in its defense, there's always the off switch, and if you're looking to avoid shady figures, the first thing you'll do is ditch your phone.
I agree with that. However I would like to point out that Google has spent a small fortune lately lobbying in Washington. Perhaps Apple should do the same?
Always good to have a few senators and judges in your pocket -ask BP!
Bingo! Apple will have to start paying. How else do you think BP has congresscriters defending them--even as they ruin the gulf? US congress is pay to play...BIG TIME!
People need to be aware of new technologies like location services. It's so 1984 I can't believe anyone actually wants to use it. I feel a lot more secure using a traditional stand-alone GPS that simply looks for satellites, rather than a system where all kinds of people can potentially know where you are.
Of course, in its defense, there's always the off switch, and if you're looking to avoid shady figures, the first thing you'll do is ditch your phone.
+1 Insightful
How to use large, specific data sets to identify people based on behavior patterns:
http://userweb.cs.utexas.edu/%7Eshma...k08netflix.pdf
See also:
http://pleaserobme.com/
I never understood why it's not mandatory that one opt-in before they can collect data about you.
On the other hand, this investigation could end up being a good thing. I think most people in Congress are completely ignorant about what's going on. I think it's also likely that Apple's response will point out all the other ad networks that are doing things well beyond what they are, and not being nearly as transparent about it. Perhaps this will serve as a wake-up call to Congress that it's time to do something real to protect the privacy of American citizens. A corporate TIA program is just as big a danger as a government TIA program, perhaps more so, since corporations are even less accountable.
Thank you. Unlike many of the knee-jerk reactions above, someone is actually using their head for more than a vessel to grow hair.
Yes, some of these lawmakers are ignorant douches, and it's unlikely they have a clue about what Apple is doing, nor what Android and others are doing, but there are multiple layers here. Guys, read this part again: This sure sounds likes a procedural restriction, i.e. a contractual restriction, not a technical restriction. Hopefully Apple's app acceptance test are really, really good at tracking stuff down like this. But at the end of the day, if a developer is devious, that stuff can be very difficult to find. I'd like Daniel to dig a bit further on this, making sure to remove the fanboy hat while doing so. (Don't worry, I wear one most of the time as well, but real-time location tracking without prior opt-in consent crosses the line for me, and because one needs to sign off on this to use the iTunes store, I'm yet to be convinced that isn't happening - at least by Apple itself).
Yes, Apple appears to be taking a much more responsible path on this than other mobile manufacturers and developers, and that's great and I applaud this as a good start. But if Exxon released "only" a million gallons of oil off our Pacific coast tomorrow I can't imagine citizens standing up and bragging about how great they are because "others, like BP are really crappy and spill much more than Exxon does".
So Daniel: one immediate question I have is not about 3rd party developers, but can/does Apple itself collect real-time location information regardless of user settings. It sounds like they can. Anyone have more detailed info on that?
The confusion is that these old fart Congressmen have Apple confused with Google.
Hah, not from the free dinner standpoint! Google is one of the biggest D.C. lobbyists now.
Maybe this'll set a precedent that allows for more privacy from all connected GPS packing personal devices. The sooner this is out of the way, and the earlier in the process of everyone having an internet device in their pocket, the more set in stone it will be. I'm sure it's not great for shareholders short term, but it's good for even their privacy. Plus it's one more reason I'm hesitant about OS 4.