New MacBook Pros are here! Get the lowest prices anywhere: Apple Price Guides updated Aug 19th (exclusive coupons)
 


Wednesday, March 14, 2012, 03:37 pm PT (06:37 pm ET)

Congress requests privacy briefing in letter to Apple CEO Tim Cook

In a letter to Tim Cook on Wednesday, members of a U.S. Congress subcommittee requested that Apple send a representative to Washington to brief government officials on what the company is doing to protect the personal information stored on iOS devices.

The House Committee on Energy and Commerce claims that Cook's initial response to a letter sent in February regarding iOS privacy practices was insufficient, and is asking that Apple give more detailed information as to what the company is doing to protect its customers, reports VentureBeat.

Representative Henry A. Waxman, ranking member of the Energy and Commerce Committee, and ranking member of the Subcommittee on Commerce, Manufacturing, and Trade, Rep. G.K. Butterfield, write that Apple's March 2nd response did "not answer a number of the questions we raised about the company’s efforts to protect the privacy and security of its mobile device users."

The officials go on to voice concern over certain iOS apps having access to photos as well as unnamed "tools" provided by Apple that can lead to unwanted "online tracking." It is unclear whether the statement is in regard to a recent call for an FTC investigation over a loophole that allows an app to upload photos if it authorized to access location data. Because the photos were geo-tagged, it is conceivable that a user's could be tracked as long as they kept taking pictures with location data turned on.

Congress Letter

Click for PDF.


The security of iOS was first questioned when it was discovered that social networking app "Path" was uploading information from users' address books to its servers without first asking permission. The so-called "feature" was meant to allow for a more streamlined experience when adding friends, and in doing so illustrated a vulnerability that could be exploited by malicious apps to retrieve a user's personal information.

Shortly after the discovery, Path issued an apology and changed the way it handled sensitive information. Apple followed suit and updated iOS, requiring that apps first ask for user permission before accessing a device's address book.