On the market for an iPhone? Here's a breakdown of all the currently shipping iPhones from Apple.
Congress Weighs in on iOS Apps Collecting Address Book and Other Personal Data
Last week, controversy erupted when it was discovered that the popular iOS app Path was uploading users' entire address books to the company's servers without alerting users or asking for authorization. While Path quickly deleted all address book data on its servers and updated its app to make the data collection an opt-in service, the issue has cast a fresh light on user privacy issues on iOS.
As noted by The Next Web, U.S. Congressmen Henry Waxman and G.K. Butterfield have now weighed on in the issue, sending a letter to Apple requesting information on the company's data collection policies it imposes on App Store developers.
In a letter to Apple CEO Tim Cook, the legislators state:Butterfield and Waxman have requested that Apple provide answers to a series of questions by February 29, with the topics including Apple's definition of user data, how the App Store review process assesses compliance with guidelines on privacy, and data on how many apps transmit "data about a user" in general and address book data in particular. The Congressmen have also asked Apple to explain why it has not instituted a simple toggle setting for address book sharing as it has for location information.
"This incident raises questions about whether Apple’s iOS app developer policies and practices may fall short when it comes to protecting the information of iPhone users and their contacts."
Butterfield and Waxman then quote parts of Apple’s iOS developer website which states that Apple provides a comprehensive collection of tools and frameworks for storing, accessing and sharing data. It is then questioned whether Apple requires apps to request user permission before transmitting data about a user.
It is not terribly unusual for Congress to request information from companies when issues related to consumer protection and privacy arise, and Apple was subject to a similar process when questions about location information arose last year. In that case, Senator Al Franken contacted Apple with questions about the company's policies, with executives from Apple and Google later testifying in a Senate hearing on the matter.
[ 89 comments ]
Top Rated Comments
(View all)
102 months ago
This whole fisaco is why I like to see a list of permissions before installing an app, ala WP7/Android.
Flashlight app wants full internet access, location and contacts? No install for you!
Example:
Flashlight app wants full internet access, location and contacts? No install for you!
Example:
102 months ago
If an app uploads my complete address book to their servers, which is absolutely no ****ing business of theirs, then Apple should refund the money to all purchasers, remove the app permanently, and ban the developer. There is just no excuse in the world for that.
No. Sandboxing isn't about asking permission, it is about being able to do something or not. An app can request the ability to access your address book or not. If it requests it, it can. If it doesn't, it can't. They idea is that when deciding to accept the app or not, Apple will check whether the app has requested the ability, and if the app has any good reason to do so.
Another thing is that Apple can eventually provide sandboxed code to do things. For example, some code that lets the user choose a name from the address book and send an email to that person. That code would live in its little sandbox with access to address book and email. However, the rest of the application wouldn't be able to access the address book. So a game could allow you to send a picture to a friend that way, without itself being able to read your address book.
iOS should display a request when an App requires access to user data (address book, photos, etc), anything that is external to the App itself.
Isn't that what the new App Sandboxing is about in Lion?
No. Sandboxing isn't about asking permission, it is about being able to do something or not. An app can request the ability to access your address book or not. If it requests it, it can. If it doesn't, it can't. They idea is that when deciding to accept the app or not, Apple will check whether the app has requested the ability, and if the app has any good reason to do so.
Another thing is that Apple can eventually provide sandboxed code to do things. For example, some code that lets the user choose a name from the address book and send an email to that person. That code would live in its little sandbox with access to address book and email. However, the rest of the application wouldn't be able to access the address book. So a game could allow you to send a picture to a friend that way, without itself being able to read your address book.
102 months ago
iOS should display a request when an App requires access to user data (address book, photos, etc), anything that is external to the App itself.
Isn't that what the new App Sandboxing is about in Lion?
Isn't that what the new App Sandboxing is about in Lion?
102 months ago
For the love of all things important my people's government- go work on some real fricken issues; and stay the hell out of what you have no clue about.
Oh wait...
So Congress can't do their job 9 times out of 10, and the 1 time they pressure a company to answer legitimate questions regarding consumer privacy you're equally as mad?
102 months ago
Google has a complete record of people's emails, voicemails, websurfing habits (remember, with the new "privacy policy" they are indexing your entire web existence if you use their 8.8.8.8 DNS), Google+ friends and interactions, the list is almost endless.
Slight difference I believe. If I'm using someone's services for my email and contact information - I can pretty much assume - since they are HOSTING that info - they have access to it.
However - this is completely differerent. A private device with personal data which is then being unknowingly uploaded to 3rd parties without consent.
If you don't see the difference, well....
102 months ago
Apple needs to be much more careful about privacy if they insist on making their iOS devices so simplistic that average Joe End User potentially has no idea what a given app is doing behind the scenes as in the Path example. We can't count on XYZ Developer being honest (and asking for permission to, e.g., scan my address book) or competent but the maintainers and enforcers of the Walled Garden certainly ought to be. We're handing off a lot of trust value to Apple to get this right.
102 months ago
So Congress can't do their job 9 times out of 10, and the 1 time they pressure a company to answer legitimate questions regarding consumer privacy you're equally as mad?
Because they have sent how many of these letters in the past 12 months? Why can't they concern themselves with true privacy issues like the FCRA and the credit agencies that sell our private information legally when someone pulls your credit. Ever wonder why you get calls from unknown's after you apply for financing? Google "Trigger Leads".... Why can't they focus on this REAL issue that has been around for 7 years now. This is a real privacy issue... selling your personal information legally @ pennies.
The company that F'd this up apologized, removed the data, and tried to make amends. I do not condone this as to be OK, but I am sick of all these media driven congressmen with a hard on lately when there are far worse privacy issues out there that need addressing.
102 months ago
Read section 17.1 of the iOS guidelines:
"Warning" users is the current solution by obtaining permission before obtaining data to some extent. In Path's case, they were in breech of the guidelines by not doing it.
Had path added a popup with what they intended to do with your contacts with an accept/deny button, things would be fine.
To further...
If apps have to be APPROVED by Apple and Apple has guidelines - then Apple (in my opinion) is just as liable for a breech in security. If you're going to have a TOS - it's up to you (Apple) to enforce it.
102 months ago
Why are people attacking Congressmen for being focused on issues like this? This is a serious issue and something needs to be done by Apple. Political involvment will help escalate the issue. You don't need to have a knowledge of digital security to weigh in on this issue. It's an issue of privacy.
102 months ago
I bet Waxman and Butterfield have mistresses whose addresses they want to keep private.
[ Read All Comments ]
Procreate 5 for iPad got its official release today, introducing a completely rebuilt graphics engine and several notable new features.
Under the hood, the new Valkyrie graphics engine takes...
After a relatively slow Thanksgiving and Black Friday holiday week, rumors came in fast and furious this week. Noted analyst Ming-Chi Kuo was on a roll with several reports outlining expectations for...
In an internal document shared with Apple Authorized Service Providers today, obtained by MacRumors, Apple has indicated that some customers may report that the camera button on the Smart Battery...
Apple earlier this year renewed Apple TV+ show "Dickinson" for a new season, and now casting for new roles has begun ahead of filming.
According to Variety, Finn Jones and Pico Alexander...
Wireless CarPlay has yet to take off with car manufacturers, with BMW (as well its MINI brand) being the first major car manufacturer to support the feature several years ago. As we recently covered,...
For this week's giveaway, we've teamed up with Speck to offer MacRumors readers a chance to win a bundle of iPhone cases that includes a Presidio Stay Clear case, a Presidio Pro case, and a...
Apple today seeded the fourth beta of an upcoming macOS Catalina 10.15.2 update to developers, two weeks after releasing the third beta and over a month after the launch of macOS Catalina 10.15.1.
...
Best Buy began a new sale focused on Apple products today, which is a precursor to its upcoming 12 Days of Deals holiday shopping event. For the Apple sale, Best Buy is discounting a number of...
