Apple Discusses iOS Privacy Issues Before Congress

An anonymous reader writes "Earlier today, Apple's VP of software technology, Guy L. 'Bud' Tribble appeared before a congressional hearing on mobile privacy to address concerns that were first brought to the forefront following the 'location tracking' controversy that emerged a few weeks ago."

Advice

Remember Guy, the fifth amendment is your friend.

Re:Advice

[Runaway1956]

TFS really isn't worth a lot, and TFA seems to be an ego-centric Apple article. But, people who keep up with the news already knew that there were going to be more people than Apple's shills testifying at that hearing. First Google hit on my set of search terms: http://mediadecoder.blogs.nytimes.com/2011/05/10/congress-hears-from-apple-and-google-on-privacy/?partner=rss&emc=rss

You can use your own search terms - or, you can just read the news headlines from most of the major news outlets. It ain't about Apple. It's about citizen's right to privacy.

NoooooO!

Business: "Blah balh balh baahh ab;lhnz'l;kcj[a'j hatever ..."

Congress: " Well balhh abllhaofha;fh;adh;afh"

business: No sir because: "alfja;dfhadf;af;a"

Congress: "You're right. here's some laws that benefit you!"

End of story.

Questioning

[tripleevenfall]

I think Facebook and Google need to be drug out before these commissions as well.

We need serious laws with serious teeth on privacy in every space - home internet, mobile data, and everywhere else. CLEAR opt ins and opt outs, not garbage buried in a TOS document no one reads.

The BIGGEST problem is that most people and corporations think it's OK to collect personal information and location data as long as "this can't be tied back to an individual person". That is NOT OK.

Re:Questioning

[jrj102]

I think Facebook and Google need to be drug out before these commissions as well.

Google did testify. However, where Apple sent a VP, Google sent a lobbyist. I believe you will be able to watch the archived hearings on CSpan once they've been posted.

Re:Questioning

[samkass]

Google also testified today.

Apple sent an Engineering PhD VP to describe the measures they've taken to make sure the potential privacy violations don't happen again.

Google sent a Congressional lobbyist to tell people how wonderful it is that Google can use your personal information to make better products.

Re:Questioning

[Salvo]

Gowalla, Facebook, Twitter, Flickr, Foursquare, Latitude are all opt-in location tracking services. They may need to be dragged out over how easy it is to opt-in, but in the end, it's user choice. Users can refuse these Apps and Services access to the location APIs in iOS.

Android, however would need to reassess their Quasi-Open, Wild-West-style Android Marketplace to combat User Privacy issues. Apps aren't sandboxed away from the Location APIs like in iOS, so Google have no control over whether a users location is being tracked or not. Malware could be installed on an Android that tracks location and the User wouldn't know. Google haven't even come out and stated that they aren't tracking devices.

Apple's crowdsourced location data ends up in a big pool. The data can not only not "be tied back to an individual person", but also can't be tied back to a unique dataset either (which further degrades it's usefulness for data-mining).

Re:Questioning

[Altus]

Is that true for apps that are side loaded onto an android device, or only ones that come from an app store (or only ones that come from googles app store)? Honest question, I don't have a Android device of my own to try it on.

Re:Questioning

[huzur79]

And besides Apple was not tracking data and sending it back to itself either. The tracking was local on the device and stayed local on the device to help the device operate better. BIG difference if it was actually being sent BACK to Apple. And it was not actually tracking a persons location but wifi and tower locations around a person which in itself gives a general location of where a person has been. This issue has been seriously blown out of proportion .

Re:Questioning

[intheshelter]

Could you be any more full of shit? Apple doesn't record the information on their servers dipwad. Apple records information about cell towers and wifi spots to help with aGPS performance.

You've got to extract Google's penis out of your ass for a minute and you may be able to think a little clearer.

Just Like Hearings About The Economic Collapse

[crow_t_robot]

Considering that the hearings about the economic collapse didn't result in any jail time or even any fines for the perpetrators, Tribble should just show up in flip-flops and a t-shirt while drunk and say "What's up, sluts? I hope this isn't going to take very long....yea, we violate privacy but considering you didn't do anything about Wall Street execs that literally raped this country out of trillions of dollars I'm sure as shit you are going to get off your fat asses for some lousy cellphone privacy issues! Peace out, bitches, catch you on the flippity flop!"

Re:Just Like Hearings About The Economic Collapse

[geminidomino]

Wall Street execs that literally raped this country out of trillions of dollars

That word. I do not think it means what you think it means.

Re:Just Like Hearings About The Economic Collapse

[Salvo]

I'm not saying that any Senators could possibly be corrupt, but the banking industry can fund an awful lot of "Lobbyists".

Apple could too, but by sending a Senior Engineer to rationally and logically explain how Apple are doing everything they can to protect user privacy, they are putting forward the idea that Commercial Interests and Customer Privacy can coexist.

It's said the the iPhone is Apple's Product and the User is Apple's Customer, while Users are Google Product and Advertisers are Google's Customer. When the User can no longer be sold, Google's business model collapses.

Maybe that is why Google followed the Banking Industry's lead and sent a Lobbyist

Re:Just Like Hearings About The Economic Collapse

[revscat]

Actually, it does. From New Oxford American Dictionary:

informal used for emphasis or to express strong feeling while not being literally true : I have received literally thousands of letters.

Re:Just Like Hearings About The Economic Collapse

[LordLucless]

So "literal" now means "not literal". Now I'm just hanging out for "true" being an informal use of "false" so we can discard useful communication altogether. Reminds me why I speak English and not American.

Re:The trouble...

[EraserMouseMan]

Yea, no wonder iPhones seem to be multiplying like jack rabbits.

while Apple deserves blame...

While Apple certainly deserves a lot of blame, so do all the people who purchased their products. It has been clear for ages that their model is one of lockdown and control. If you support that kind of thing financially, you bear some of the responsibility for the direction that our society seems to be going: erosion of personal ownership and transfer of control to multinational corporations.

Your actions should reflect how you want the world to be. If you act opposite of that, in the end, you will get exactly what you deserve to get. Buy a machine that treats you as an enemy, and don't act surprised at the results.

This goes for all kinds of things. We now have more and more single player games that require a network connection for permission to play **because people keep buying them**. As long as the next shiny-shiny is more important than how far you have to bend over, we will get what we deserve to get. No laws can ever change this, because laws are a trailing fix; they can't prevent the next form of abuse.

Re:while Apple deserves blame...

[tripleevenfall]

I don't think it's a crime for someone to buy Apple products. Let the free markets be free. However, you understand going in that you're going to be locked in, in some ways - and if you don't, you still bear the weight of that choice because you didn't do your homework.

That being said, it's simply a question of whether it's reasonable to expect that Apple users will move to any other service. No, they will likely not. As we see in practically every marketplace in IT, vendor-lock in is a powerful force.

Re:while Apple deserves blame...

[thetartanavenger]

While Apple certainly deserves a lot of blame, so do all the people who purchased their products. It has been clear for ages that their model is one of lockdown and control. If you support that kind of thing financially, you bear some of the responsibility for the direction that our society seems to be going: erosion of personal ownership and transfer of control to multinational corporations.

Those purchasing deserve blame for what exactly. Yes they lock down their devices, so what. Some people want that, others don't which is why we have competition and alternatives like Android. When Apple crossed a line with personal privacy people stood up and complained and it was resolved. Yes there should be more protections in place to prevent this kind of incident, but those purchasing clearly didn't like what happened and Apple was put in its place. If they didn't, /then/ go ahead and transfer the blame, but until then all the consumers have done is purchase a device in a safe ecosystem that they can't break. If you don't like the restrictions then don't buy it..

Re:while Apple deserves blame...

[Fahrvergnuugen]

Locked into what, exactly?

I keep hearing everyone throw out there that iOS locks you in, but I am failing to see how this is true. All of the content on my iPhone (besides the apps) will work on any device because they're JPGs, MP3s, M4As, etc. Apps aren't portable on any platform (besides Java, and I'm sorry, but there is no such thing as a good cross platform Java app).

The Chewbacca defense

[mrnick]

Dammit! ... They are using the Chewbacca defense!
http://en.wikipedia.org/wiki/Chewbacca_defense

Re:Means

[TaoPhoenix]

Yes it does.

The Corps slid into our fiduciary trust and smoothly moved money in and out of our bank accounts, and becoming quite excited in the process. Then they embraced us and extended us more products. They nearly extinguished the economy.

Re:Trouble with Tribble

[rritterson]

Apple PR failed to remove a lot of the misconceptions about the little location file on the device, so let me take a crack. The location information on the iPhone is not YOUR location, but rather a collection of location data points that includes the cell towers in the local vicinity, some of which could be up to 100 miles away. As a result, the phone is not storing your location, but instead just downloading a bit of cache data so it can look up your location faster when you want it to. That responds to the 'storing' part of your post. With respect to tracking, if you know a way for a navigation app to give you directions and locate you, but not track you, I'd like to hear it. In the meantime, if you would like the phone to NOT know where you are, period, just switch off 'location services', which, as of 4.2.3, also deletes the local cache database.

Meanwhile, all sorts of information about your location is leaked by all the devices you use. One trivial example is your IP address, which, while not a precise locator, gives the other end some idea about where you are (assuming no proxies, etc etc)

Re:Trouble with Tribble

[Salvo]

The only way you have been track an iPhone is if the device is configured to use MS Exchange or MobileMe.

The Device records location data (not your precise location), and uploads location data (without any unique identifiers), but doesn't track your location (unless you tell it too with Apps like Gowalla and Google Latitude).

If Law Enforcement went to Apple and said "I want to know UncleTogie's movements for the last week", and you don't have MobileMe, Apple would have nothing to give them.
They may however use Google Latitude, Gowalla, Foursquare to track you with Public information you posted on purpose, or use Cree.py to track you by Twitter or Flickr pictures. They could also contact your phone company and triangulate you via Cell Towers, as they did to Mitnick in 1995.

Apple AND Google Discuss Privacy Before Congress

[Cogneato]

Is there any chance at all that Slashdot might make a tiny amount of effort to report about Apple and Google in the same tone when they are sitting side by side talking about essentially the exact same stuff?

When you present a story like this in such an slanted way, it begins to reek of the technics used by right-wing radio hosts about stuff they consider liberal. There are plenty of legitimate things to criticize Apple for, that you don't have to reconstruct reality to create new ones.

Re:Trouble with Tribble

[gnasher719]

English Translation: It stores your location, just not very accurately.

Mistranslation. It stores several locations all around the point where the phone was. Now if we ignore the fact that nobody can lay their hands on this data without stealing my phone or computer, in which case (1) my phone or computer is gone, and (2) there are things like email, address book, browser cache that I worry about a lot lot more, and if we ignore the fact that there is very little someone could do with _exact_ information where I have been, information that shows my location within half a mile is completely useless to anyone.

Re:Trouble with Tribble

[Altus]

You know that firefox keeps copies of web sites you visit on your computer. They say its just so that they can load pages faster, but I know that all of that data is being secretly sent to the firefox cabal who are secretly selling that information to the highest bidder. I know because I read about it all on slashdot.

Caches like this are common and for good reason. Sure, it would be better if the file was always encrypted and it would be better if it was trimmed down to only a couple of days worth of data, but all that takes developer time and since this file isn't accessible on phones that have not had their warranty voided I'm sure the developer in question didn't even consider this a problem.

But sure, its much more fun to imagine that there is some kind of grand conspiracy at apple that goes beyond selling a bunch of fucking iPhones and making boat loads of money doing it.

Re:Apple AND Google Discuss Privacy Before Congres

[rsborg]

Is there any chance at all that Slashdot might make a tiny amount of effort to report about Apple and Google in the same tone when they are sitting side by side talking about essentially the exact same stuff?

Apple sent a VP of software tech and Google sent a lobbyist. If I'm going to listen to a lobbyist, they better be paying me money.

Re:How it went...

[DJRumpy]

If you had read the article, you would know that the info Apple stores relates to cell tower locations, and wifi hotspots. No identifying information is sent to Apple at all, and they would have no way of identifying you even if approached by the FBI. They would have to get their hands on your phone, which within a few days, already had a fix to remove the cache after a few days, and you can permanently delete it just by turning off the location services.

If it got to the point where warrants were issued, they could easily collect device specific info from the Cell providers. Apple's data didn't even have device specific identifiers.

Google on the other hand started talking about 'Openess' and finding 'balance', when their response was anything but. They basically stated that they weren't responsible for how the app's handled location data and that it was up to the app developers to be responsible. Of the two, I think Apples response was appropriate, both in patching the bug in the OS, and in anonymizing the data they do collect to begin with.

From TFA:

Subsequently, a notable exchange between Google rep Alan Davidson. Trying to dance around how Google handles location settings in Android, Davidson explained:
We’re trying to increase openness, but it’s not no-holds-barred. We do have a content policy in our market. We don’t go after trucking companies for carrying faulty goods, you go after the manufacturer. There’s a balance.
Not buying it, Senator Sheldon Whitehouse fired back:
You do go after the trucking company if they know what they’re carrying. Google’s in a better position to know what’s going on than a seventeen year old that wants to try a cool app. I don’t think that’s a comfortable analogy for you to rely on.

This kind of response from Microsoft or Apple would never be tolerated on slashdot. This thread just seems to be glossing over Google's response. The proper response from both companies is to work to provide better protections. Apple has already taken those steps within a few days of the bug being reported. Google just sidestepped the question with no commitment to finding a better approach.

Disappointing.

Re:Trouble with Tribble

[Angostura]

You know what, the hard disk in this PC I'm using records *every piece* of personal data that I produce on it, documents, spreadsheets - the lot. It even records some passwords. That's bad right? As far as I know, the data isn't being sent to HP, but do you think I should format the drive every day?