Senators raise privacy concerns over Apple's COVID-19 screening app [u]

Posted:
in General Discussion edited April 2020
Democratic senators have reached out to Tim Cook to inquire about how Apple handles personal data on its new COVID-19 screening app and website.

Apple's COVID-19 app
Apple's COVID-19 app


In late March, Apple launched a new app, and a website, with resources to help people stay informed, and take the proper steps to protect their health during the spread of COVID-19.

The app helps users assess risk factors, recent exposure, and symptoms. Following answering the questionnaire, the app will provide the CDC's recommendations on the next steps to take. This includes whether or not a test is recommended at this time, and when to contact a medical provider.

Senators Bob Menendez, Kamala Harris, Cory Booker and Richard Blumenthal sent a letter to Tim Cook on Friday expressing concern for Americans' confidential health data and how it is handled during the screening process. The senators wanted to make sure the app was safeguarding users data, as well as complying with the Health Insurance Portability and Accountability Act (HIPAA.)

They are also asking for information on Apple's agreements with federal and state governments for the development of the app, according to the letter, a copy of which was obtained by Bloomberg.

The senators have acknowledged that Apple says the software doesn't require a sign in, nor does it require the use of an Apple ID. Apple assures users of the site that it only collects anonymous information from users about general site use.

The full letter, sent to AppleInsider by the office of Sen. Menendez:

Dear Mr. Cook,

We write to express our concerns and to obtain information about your company's launch of a virus screening application and website for SARS-CoV-2. As COVID-19 continues to spread, application and website developers are moving quickly to provide reliable at-home risk assessment and symptom screening tools to advise whether individuals should be evaluated for infection. Although, the use of technological innovations and collaboration with the private sector is a necessary component to combating COVID-19, Americans should not have to trade their privacy at the expense of public health needs.

As you know, on March, 27, 2020, the Centers for Disease Control and Prevention (CDC) announced the release of an app and website created by Apple in partnership with the White House Coronavirus Task Force and the U.S. Department of Health and Human Services. The app and website are designed for individuals to complete a questionnaire about their health and exposure to determine if they should seek care for COVID-19 symptoms. Both the website and app guide users through a diagnostic questionnaire, and once completed, provide CDC recommendations on next steps including guidance on social distancing and self-isolating, how to closely monitor symptoms, recommendations on testing, and when to contact a medical provider.

While we acknowledge Apple's statements regarding user privacy and that the questionnaire tools "do not require a sign-in or association with a user's Apple ID, and users' individual responses will not be sent to Apple or any government organization," we are nonetheless concerned for the safety and security of Americans' private health data. Additionally, Apple maintained that although it will not collect personal information, it will collect "some information" to help improve the site without identifying what that information will be.

In the interest of Americans during these unprecedented times, all data collected via Apple's screening tools should remain confidential and must not be used for any commercial purposes in the future. Moreover, Apple should clearly state if the collected information is in compliance with the Health Insurance Portability and Accountability Act (HIPAA). Additionally, we would like to better understand your efforts to keep any collected information safe from potential hackers, foreign state and non-state actors with nefarious intent, and other criminal enterprises.

To address these concerns, please provide answers to the following questions no later than April 10, 2020. We appreciate your efforts to protect Americans and we look forward to your response.

1. Please provide the specific terms of any agreement between your company and the federal government and/or state governments.

2. Are the Apple screening site and app governed under the terms of the HIPAA? If not, please explain why.

3. What are the specific data retention policies regarding any and all information entered into the website and app by individuals?

4. Can individuals who use the website and app access and monitor the data that Apple collects about them?

5. Will Apple commit that it will refrain from using data collected on the website and app for commercial purposes?

6. Will Apple commit to refraining from sharing or selling the data collected on the website and app to third parties?

7. What specific cybersecurity safeguards will be utilized to ensure the security of the data entered on the website and app?

8. Will the website and app be accessible to those with disabilities?

Updated with full letter from Sen. Menendez.

Comments

  • Reply 1 of 20
    Anilu_777Anilu_777 Posts: 282member
    The location is an opt in. You can give your postal code (give a fake one if you like) OR enable location tracking. Morons don’t get tech. 
  • Reply 2 of 20
    thrangthrang Posts: 901member
    We should be tracking any of us that are potentially infectious. These are not normal times, so temporary extraordinary measures should be taken.
  • Reply 3 of 20
    gatorguygatorguy Posts: 23,300member
    The only connection to Apple's network is for downloading images. There's no sharing of your data with either Apple or 3rd parties. 
    edited April 2020 ronn
  • Reply 4 of 20
    apple ][apple ][ Posts: 9,233member
    This sounds like a bunch of grandstanding and I question their motives and I do not trust their intentions.
    dewmeagilealtitudeearlygeek
  • Reply 5 of 20
    BeatsBeats Posts: 2,634member
    Senators who want Apple to build back doors are concerned......
    stompyagilealtitudebshankGG1mike1earlygeek
  • Reply 6 of 20
    Given these people and their track record they're asking apple what it's doing given its usual history towards protecting user data when they want to blow it up with some false sense of protectionism. 
  • Reply 7 of 20
    rogifan_newrogifan_new Posts: 4,297member
    gatorguy said:
    The only connection to Apple's network is for downloading images. There's no sharing of your data with either Apple or 3rd parties. 
    How does it know who’s data this is? I didn’t download the app but the web version doesn’t ask for any identifiable information. It just starts asking questions,
  • Reply 8 of 20
    gatorguygatorguy Posts: 23,300member
    gatorguy said:
    The only connection to Apple's network is for downloading images. There's no sharing of your data with either Apple or 3rd parties. 
    How does it know who’s data this is? I didn’t download the app but the web version doesn’t ask for any identifiable information. It just starts asking questions,
    It doesn't
  • Reply 9 of 20
    lkrupplkrupp Posts: 9,628member
    apple ][ said:
    This sounds like a bunch of grandstanding and I question their motives and I do not trust their intentions.
    Consider the source. Nuff said.
    earlygeek
  • Reply 10 of 20
    slurpyslurpy Posts: 5,328member
    These senators have fucking nothing better to do during this time? Everything is imploding, and they decide they want to spend energy on this, a screening tool that asks for zero identifiable information and asks general questions that anyone can create using a Google form? Incredible.  This has fuck-all to do with HIPAA, these aren't patient records. 


    bshank
  • Reply 11 of 20
    thrang said:
    We should be tracking any of us that are potentially infectious. These are not normal times, so temporary extraordinary measures should be taken.
    Nope. 
    baconstangmike1earlygeek
  • Reply 12 of 20
    slurpy said:
    These senators have fucking nothing better to do during this time? Everything is imploding, and they decide they want to spend energy on this, a screening tool that asks for zero identifiable information and asks general questions that anyone can create using a Google form? Incredible.  This has fuck-all to do with HIPAA, these aren't patient records. 


    Seriously? Most of the government is basically useless as far as I’m concerned and I could save a crap load of tax dollars every year if we just got rid of all the BS that is the government, but if they do anything at all it should be to make sure our rights are being protected. 
    baconstang
  • Reply 13 of 20
    michelb76michelb76 Posts: 309member
    But they didn't with the FBI app? LMAO
  • Reply 14 of 20
    rogifan_newrogifan_new Posts: 4,297member
    gatorguy said:
    gatorguy said:
    The only connection to Apple's network is for downloading images. There's no sharing of your data with either Apple or 3rd parties. 
    How does it know who’s data this is? I didn’t download the app but the web version doesn’t ask for any identifiable information. It just starts asking questions,
    It doesn't
    So what are they questioning then?
  • Reply 15 of 20
    gatorguygatorguy Posts: 23,300member
    gatorguy said:
    gatorguy said:
    The only connection to Apple's network is for downloading images. There's no sharing of your data with either Apple or 3rd parties. 
    How does it know who’s data this is? I didn’t download the app but the web version doesn’t ask for any identifiable information. It just starts asking questions,
    It doesn't
    So what are they questioning then?
    I suppose it's because it's become trendy to question the motives of everyone and everything. Behind every good thing is something nefarious, right?
  • Reply 16 of 20
    slurpyslurpy Posts: 5,328member
    slurpy said:
    These senators have fucking nothing better to do during this time? Everything is imploding, and they decide they want to spend energy on this, a screening tool that asks for zero identifiable information and asks general questions that anyone can create using a Google form? Incredible.  This has fuck-all to do with HIPAA, these aren't patient records. 


    Seriously? Most of the government is basically useless as far as I’m concerned and I could save a crap load of tax dollars every year if we just got rid of all the BS that is the government, but if they do anything at all it should be to make sure our rights are being protected. 

    You seem to have some fucked up priorities. What rights? Doing useless, cheap anti-Apple PR by pretending to be concerned about a screening app (of which thousands of others exist) that is anonymous and asks you general questions? What the fuck does that have to do with rights? In your mind THAT is that they should focus on, instead of, you know, doing whatever they can to minimize the number of infected and providing the best care to those that are? Extremist zealots like you, who would be ok with all their neighbors dying as long as you can "save a few tax dollars",  are terrifying. 
    edited April 2020
  • Reply 17 of 20
    With so many Melendez constituents getting ill and dying in New Jersey, he is exposing that he is batbrain.
  • Reply 18 of 20
    mike1mike1 Posts: 2,802member
    thrang said:
    We should be tracking any of us that are potentially infectious. These are not normal times, so temporary extraordinary measures should be taken.

    Nope. That slope is far too slippery and you can never climb back up.
  • Reply 19 of 20
    bshankbshank Posts: 225member
    slurpy said:
    These senators have fucking nothing better to do during this time? Everything is imploding, and they decide they want to spend energy on this, a screening tool that asks for zero identifiable information and asks general questions that anyone can create using a Google form? Incredible.  This has fuck-all to do with HIPAA, these aren't patient records. 


    Seriously? Most of the government is basically useless as far as I’m concerned and I could save a crap load of tax dollars every year if we just got rid of all the BS that is the government, but if they do anything at all it should be to make sure our rights are being protected. 
    Like the pandemic response team? We now see how we’ll that worked jfc 
  • Reply 20 of 20
    NotMuch-You?NotMuch-You? Posts: 18unconfirmed, member
    If you don't think that Apple is gathering a lot of information that can easily be correlated, I think you need to consider some things:
    - When you use your device at home, remember that (for most people), your IP shows up as the IP provided by your ISP.  As does every other device in your house.  So - if you have an Apple TV, Apple Watch, iPhone, iPad, Mac - all of that data is showing up as coming from one IP address.  Apple knows that IP, and has a good idea of where you live based on that IP.
    - Now imagine all of the data Apple has about you, the apps/services you buy, and the apps/services you use (based on all the information they gather, and can readily correlate based on your Apple ID, your Family Account, and the usage from your IP address)
    - Did you share information with app developers on your Apple device?  Remember, Apple is the app developer in this case, and lots of people enable that setting.

    Do I trust Apple?  Certainly a helluva lot more than I trust other companies.  That being said, please don't assume that they are not collecting and correlating data about everything you do, and everywhere you go, with your Apple devices.


Sign In or Register to comment.