Apple has some explaining to do -- to Congress.
On Wednesday, Democratic Reps. Henry A. Waxman of Beverly Hills and G.K. Butterfield of North Carolina penned a letter to Apple Inc. Chief Executive Tim Cook, requesting information on Apple’s iOS app developer policies and suggesting that perhaps Apple could be doing more to secure iPhone users’ private information -- specifically the email addresses and phone numbers they keep in their phones.
Citing last week’s revelation that the social networking app Path was automatically downloading iPhone users’ address books without permission, the congressmen wrote: “This incident raises questions about whether Apple’s iOS app developer policies and practices may fall short when it comes to protecting the information of iPhone users and their contacts.”
Path CEO Dave Morin, who was sent a copy of the letter, swiftly apologized last week for the automatic download and said Path would correct it, but he also noted that such processes were “industry best practice.”
And that is exactly what has Waxman and Butterfield worried.
They’ve been reading the blogs and are concerned about reports that there is a quiet understanding among app developers that it is acceptable to download an app user’s address book and then store it on the company’s database for future reference.
To get to the bottom of it all, Waxman and Butterfield want Cook to describe all of Apple’s iOS app guidelines that relate to privacy and security data that could be accessed or transmitted by an app. They also want to know why Apple does not give users the ability to turn off the transmission of address book information on an app-by-app basis, even though it gives users that ability with location information.
In total, the congressmen provided nine questions and a deadline: They want answers by Feb. 29.
Apple has already answered one of their questions. In a statement received by the Los Angeles Times, the company said apps that collect or tranmit a user’s contact data without their prior permission are in violation of its guidelines.
Apple adds: “We’re working to make this even better for our customers and as we have done with location services, any app wishing to access contact data will require explicit user approval in a future software release.”