Slashdot Mirror

← Back to Stories (view on slashdot.org)

US Congress Probes iOS App Developers On Privacy

Posted by timothy on from the they're-looking-for-tips dept.

hypnosec writes with the arguably welcome news that "[The U.S.] Congress is gathering further information on iOS developers and how they deal with and implement privacy policies. The Next Web got hold of a letter from Congress which had been sent out to Tapbots, along with some 32 other iOS developers, including both Twitter and Facebook, and the devs of Path, SoundCloud, Foodspotting and Turntable.fm. The apps were picked because they come under the social networking umbrella in the 'essentials' area of the App Store. The letter begins: 'We are writing to you because we want to better understand the information collection and use policies and practices of apps for Apple's mobile devices with a social element.' What follows is a series of eight questions designed to gather more details regarding the popularity of the app in question, and the privacy policy to which it holds (and how it's made known to users)."

32 of 52 comments (clear)

  1. If I got a letter by alvinrod · · Score: 4, Insightful

    If I got a letter like that, I'd tell the government that as long as they support the actions of groups like the TSA, they have no business at all asking anyone else about their privacy policies or trying legislate privacy rights. They probably won't like being told to pound sand, or having the truth thrown in their faces, but those assholes deserve it.

    1. Re:If I got a letter by mlow82 · · Score: 2

      Just because the government may have questionable privacy policies, doesn't mean that app developers shouldn't be held to the same standards. I want BOTH developers and the TSA to respect my privacy.

    2. Re:If I got a letter by toriver · · Score: 1, Flamebait

      Nor are most planes. Does the TSA security theater actually make you safer? In which case, should it not be sufficient that Apple has a screening process to make you safe from privacy concerns? They are the TSA of the App Store.

    3. Re:If I got a letter by kthreadd · · Score: 3, Insightful

      Since no one has flown a plane into a building under their watch it's hard to say that they are ineffective, for all we know it's possible that they have stopped several such attempts. There are other reasons why TSA is a bit suboptimal. We can't prove that they make us safer, we can only disprove it once they don't.

    4. Re:If I got a letter by GmExtremacy · · Score: 2

      Since no one has flown a plane into a building under their watch it's hard to say that they are ineffective

      Correlation does not equal causation. For instance, do you know what else we've improved since then? Cockpit security. And we have increased civilian awareness about the dangers of successful plane hijackings.

      Besides, none of this is an excuse to violate people's privacy.

    5. Re:If I got a letter by Hognoxious · · Score: 1

      Obviously the TSA's fearsome reputation is acting as a deterrent.

      Want to buy some elephant powder?

      --
      Confucius say, "Find worm in apple - bad. Find half a worm - worse."
    6. Re:If I got a letter by MysteriousPreacher · · Score: 2

      Correlation does not equal causation. For instance, do you know what else we've improved since then? Cockpit security. And we have increased civilian awareness about the dangers of successful plane hijackings.

      This! It's why we've not seen a repeat of planes being used as missiles. Prior to 9/11, in America when hijacked it seemed best to simply behave and hope to be released when the plane lands wherever it'll end up. On realising that terrorists are on suicide runs, passengers have become far more likely to risk tackling them, and the security of cockpit doors makes it far more difficult anyway to grab the controls. We need a proper and impartial study of TSA policy to separate the useful from the pointless. We need to examine everything they do, and ask the following questions.

      1) Is doing x effective in either interrupting attacks or by deterring them? If having me take off my shoes actually has some use outside of absolutely fringe cases, then do it. Does intelligence suggest that restricting liquids and having us remove our shoes has had an appreciable impact on terrorists? Economically, does this security theatre make passengers feel safer, thus making them more likely to travel?

      2) Is it worth the inconvenience and intrusions in to privacy? We can never have 100% security, even if all passengers were strip searched and background checked before being allowed to board. Everything done is about trade-offs and level of risk aversion. How far are we willing to go, and how many rights being taken away, before we say "fuck it" and just go with something workable but not as secure? Acceptance of the DHS seems akin to appointing a Caesar to ensure that we all sleep safely at night, the price be damned. I'm particularly skeptical when I see the DHS sprawling over in to areas that have fuck all to do with the original reason the agency was created. It's as if the National Guard were to be given jurisdiction over parking violations, tackling the problem with the tools originally provided for tackling military attacks. In the UK we've actually seen something similar in how anti-terror legislation has been used by local councils for pursuing people for leaving their bins out on the wrong days. The extradition treaty too is a nice example of something put in to place ostensibly to tackle serious crimes, such as terrorism, being used for white collar stuff that should have either been brought as charges in the UK, or America being politely told to take a hike. If it's not a crime in the UK, or the DPP decides it has insufficient evidence to prosecute in British courts, then don't extradite.

      Look as well at the situation at UC Davis where rentacops used pepper spray to discomfit peaceful protestors. Pepper spray and similar are used to tackled people where there's a serious risk of violence - not as a convenient way to shift a bunch of people seated peacefully in protest.

      --
      -- Using the preview button since 2005
    7. Re:If I got a letter by Dhalka226 · · Score: 2

      Yeah, I definitely think the best course of action is to refuse to help somebody who is going to pass laws of importance to you, all but guaranteeing a suboptimal-at-best law. "YOU'RE NOT PERFECT, STOP TRYING TO BE BETTER!" is a fantastic rallying cry.

      Talk about cutting off your nose to spite your face.

    8. Re:If I got a letter by Travelsonic · · Score: 1

      Insightfull?
      If they had, they would gloat about it as they always do. Fact is, it is impossible to tell if it is the TSA - or a combination of them. DHS, non-govt, ACTUAL law enforcement, or the terrorists not targeting planes in that fashion anymore. It is easy, given their record however, to doubt the TSA playing a big role in it. Not to mention, you could look at all the time BEFORE the TSA, BEFORE 9-11 where we went without a 9-11, and look at your point, and go "so what?

      --
      If you believe in privacy, and believe you have "nothing to hide" at the same time, you're a goddammed idiot
    9. Re:If I got a letter by gnasher719 · · Score: 1

      Just because the government may have questionable privacy policies, doesn't mean that app developers shouldn't be held to the same standards.

      I think what you wrote might not be what you actually meant. At least I hope so :-)

  2. Man that sounds like fun by Osgeld · · Score: 2

    Nothing like a government probe in your i

  3. Government regulated apps. by SpaceCadetTrav · · Score: 2

    What could go wrong?

    --
    Life in Orange County
    1. Re:Government regulated apps. by artor3 · · Score: 4, Insightful

      Nothing, if the regulation is simply making sure that they have reasonable, human-readable privacy policies.

      Stop drinking the all-regulation-is-evil koolaid. Haven't you ever noticed that the same people pushing it are the ones who make billions by abusing unregulated markets?

    2. Re:Government regulated apps. by NotQuiteReal · · Score: 2, Interesting

      Stop drinking the all-regulation-is-good koolaid. Haven't you ever noticed that the same people pushing it are the ones who make billions by abusing "regulated" markets?

      --
      This issue is a bit more complicated than you think.
    3. Re:Government regulated apps. by sdnoob · · Score: 1

      just because a policy exists and is human readable does not mean it is actually honored and implemented. trust in the developer is at least as important.

  4. If Iphone users cared about their privacy by MadMaverick9 · · Score: 2

    this comment says it all ....

    http://yro.slashdot.org/comments.pl?sid=2743843&cid=39459975

  5. Arkell v. Pressdram by Fnord666 · · Score: 4, Interesting

    To what degree do developers of iOS applications have any obligation whatsoever to fill this form out and return it? What happens if you simply give them the same response given in Arkell v. Pressdram?

    --
    'The tyrant will always find pretext for his tyranny.' - Aesop's Fables
    1. Re:Arkell v. Pressdram by TheLink · · Score: 1

      Not all IOS App devs are under US jurisdiction (officially at least). If Congress wants those devs to actually care they should convince Apple to convince them.

      --
    2. Re:Arkell v. Pressdram by sam31415 · · Score: 1

      They have no obligation at all; the letters are requests. However... if they don't reply, the committee will likely assume the worst about their privacy practices. It's probably in the developers' collective best interests to convince Congress that some amount of self-regulation is occurring. (The last question is even "(9) Please list all industry self-regulatory organizations to which you belong.")

    3. Re:Arkell v. Pressdram by kthreadd · · Score: 1

      Doesn't really matter. You are supposed to follow the laws and regulations in all countries where your app can be used. That's why responsible developers restrict their app to only work in their own country.

  6. Lobbying can work by symbolset · · Score: 1

    A little back-channel grease will slick the skids for your competition. Google's having these troubles too, both in the US and in China. It's just stalling though and will come to nothing.

    You see, even if you have the entire government in your pocket you still have to come out with a desirable product.

    --
    Help stamp out iliturcy.
    1. Re:Lobbying can work by GmExtremacy · · Score: 1

      Grand slam!

  7. and the privacy policy by bugs2squash · · Score: 1

    to which it holds...

    --
    Nullius in verba
  8. Its better not to piss off those who can ... by perpenso · · Score: 1

    To what degree do developers of iOS applications have any obligation whatsoever to fill this form out and return it? What happens if you simply give them the same response given in Arkell v. Pressdram?

    Its better not to piss off those who can write the legislation that can screw up your business or industry. Its better for them to view you as cooperative and reasonable. That way when legislation is proposed that affects your business or industry you can speak with them from a more favorable position. If you had previously been cooperative and reasonable then your opinion will have more weight. This doesn't guarantee things will ultimately go your way but the odds of a good outcome are better when starting the relationship in a friendly manner than in the F U manner.

  9. Where gonna go? Android? by SuperKendall · · Score: 2

    If Iphone users cared about their privacy

    Any MOBILE user who cared about privacy would buy an iPhone

    Because then the Apple sandbox mostly protects you (fully after the next iOS update which adds permission around the address book).

    With Android any old thing that comes down the pike can rape you, privacy wise, and drain your battery for extra good measure to send off your treasured data.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
  10. Business - the game by SuperKendall · · Score: 1

    /=/=/=/=/=/=/C-O-N-G-R-E-S-S\=\=\=\=\=\=\

    Congress has noticed you exist. Lose one turn.

    --
    "There is more worth loving than we have strength to love." - Brian Jay Stanley
    1. Re:Business - the game by TaoPhoenix · · Score: 1

      No Kidding -

      I have been idly itching to make a couple of versions of Business The Game. One would be in conjunction with Wizards of the Coast using MTG type play. Or Monopoly. You know, it's all the same themes, but they were so harmless on the first go around (the 1980's). By now they built the Hotel on Copyright Place, so each successive power grab at a bill is much nastier.

      I can already see the sets - the 9-11 Security Theater set, the Copyright set, the Defend the Kiddies set, the Patent Lawsuit set, and more.

      It's only down to whether free speech is alive enough to let that happen or whether some junk libel/slander lawsuit takes it down.

      Seriously, using a Combo Approach to current news every seventh article or so, is leading to scary results.

      --
      My first Journal Entry ever, in 8 years! http://slashdot.org/journal/365947/aphelion-scifi-fantasy-horror-poetry-webzine
  11. Powers of Congress?! by Ragetech · · Score: 1

    Where does it say in the constitution that congress is responsible for being a consumer or even privacy watchdog? Isn't that the responsibility of the FTC Bereau of Consumer Protection, CFPB (Consumer Financial Protection Bureau), the newly created Department of Consumer Protection or the CPSC (Consumer Protection Safety Commission)? See below for links.. these are separate organizations of government.

    I think the congressional hearings are far, far too used. I watch as ignorant senators call up Goldman Sachs or Toyota and grill them on practices and safety. Meanwhile, they can't pass a budget for the bloated, ignorant government to run on. Senators act like royalty, yet they're the ones trading on insider information and often the ones who caused the problem with restrictive laws or regulations in the first place.

    The gut instinct of all of us, when we see an article like this,l is to say, "My privacy is important!" and to be a little thankful for the government to be the oversight when we feel powerless, *yet* its the government who is tapping out phones, e-mails and electronic communication illegally. Am I the only one who recognizes how bad things have become??!

    -- Ragetech

    Links:
    http://www.ftc.gov/bcp/consumer.shtm - FTC
    http://www.consumerfinance.gov/ - CFPB
    http://www.ct.gov/DCP/site/default.asp - Department of Consumer Protection
    http://www.cpsc.gov/ - CPSC

  12. Tell you what by realinvalidname · · Score: 1

    As soon as Congress balances the budget and brings the troops home, then we'll talk about micro-managing mobile app developers.

  13. Is it Congress, or the request itself? by yuna49 · · Score: 1

    Would all these criticisms disappear if the request had come from the Federal Trade Commission? Somehow I suspect that the government-hating contingent on Slashdot would make the same arguments about any requests by a Federal agency.

    I don't trust app developers or anyone else whose profits derive from using my personal information. That's why I don't have accounts on Facebook or Twitter.

  14. Re:Where gonna go? Android? by Kalriath · · Score: 2

    The Apple sandbox that can be defeated by a fucking web page rooting the device.

    No thanks. (And I do in fact own an iPhone by the way, and I do happen to like it. I'm simply not deluded into thinking it magically protects me from those "evil nasties" that Android has).

    --
    For a site about things like basic rights, Slashdot users sure do like to censor "dissent".
  15. Re:Where gonna go? Android? by Kalriath · · Score: 1

    Actually, Windows Phone has permissioning much like Android. You need permission to access the internet, the camera, the address book, location services. It's really not as bad as you Anti-"M$" fanbois like to claim.

    --
    For a site about things like basic rights, Slashdot users sure do like to censor "dissent".