Senator believes they can fix problems themselves

New York Democratic Senator Charles Schumer has reported that both Apple and Google have agreed to meet with him to discuss potential security risks posed by developer access to user data, and that his intention is to encourage the companies to "find a way on their own" to prevent iOS and Android apps from accessing private information without the users' knowledge. He told The New York Times that both companies were "open to the idea."

Schumer expressed confidence that the issue of apps accessing user data, such as address books or photos -- sometimes under the guise of requesting "location" information, sometimes without informing the user at all -- could be resolved by the companies without the need for regulation. He said both companies were "friendly" and acknowledged that changes needed to be made.

Last year, both companies were asked to testify to the US Senate and the Federal Trade Commission (FTC) about the safeguards of user location information after it was discovered that both operating systems kept records of previous locations, though in the case of iOS Apple was able to show that neither developers nor Apple itself had misused the data, but rather had simply not taken steps to encrypt or prevent potential abuse of the data. Apple quickly altered the location-storing code in iOS to delete outdated records more quickly and prevent unauthorized access. Apple has already promised to close unauthorized developer access to other user data in a future iOS update.

Schumer also sent a copy of his letter requesting more information from Apple and Google to the FTC, which would be the next step if the two companies either refuse or cannot come up with a way to better protect user data from being accessed covertly. The FTC has already been vocal in warning tech companies to be more vigilant in protecting consumers' privacy. The agency previously warned that legislation could follow if OS providers didn't do more to make data sharing more transparent to the user and dependent on users' permission.

Though there has been no serious reports of user harm inflicted by developer overreach into private data such as address books and photos, revelations that companies were routinely collecting more user data than they had requested permission to collect stirred a backlash of public reaction and concern. Google, with its core advertising business founded on its ability to provide data about users' habits and already under investigation for abuses, may have a more difficult time finding a middle ground between gathering user data and protecting user privacy, including having to make more of its services feature more opt-ins. The company has already seen a viral backlash against its new privacy policy and is facing charges that the consolidated policy may be illegal in the EU. [via The New York Times]

By Electronista Staff

Post tools:

TAGS :  

industry, security, Google, Android, privacy, Apple, iOS