Apple and Google to get grilled about privacy
Google and Apple could be in for a grilling in Washington for their so-called "Locationgate" problems.
Executives from both companies are set to appear Tuesday at a packed hearing called by the Senate Judiciary Subcommittee on Privacy, Technology, and the Law. This comes a few weeks after it was revealed that smartphones and tablets from Apple and Google can track users' location information and store that data.
"I am sorry that not everyone was able to get into the room," Sen. Al Franken, D-Minn., who chairs the new subcommittee, said when starting the hearing Tuesday morning.
All eyes are on the privacy brouhaha, which kicked off last month after two British researchers released an open source application that let Apple's customers see the location data stored on their iPhones and 3G iPads.
Alan Davidson, Google's director of public policy, and Guy L. "Bud" Tribble, an Apple vice president, will testify at the hearing.
In his opening remarks, Franken noted that privacy concerns have multiplied as the world becomes increasingly digital.
"To me this subcommittee is about addressing a fundamental shift," Franken said. "I love that I can use Google maps -- for free, no less. I love that I can look up the [local] weather on my iPad. But we need a balance."
Franken cited a Wall Street Journal investigation of 101 apps, in which the paper found that 47 of those apps transmitted their users information -- some of them without users' consent.
"When I sent a letter to Apple about this, the first group to send me a message was the Minnesota Coalition for Battered Women," Franken said. "This information can be put in the wrong hands."
But stalking isn't the only concern, Franken said: "There are a range of harms that can come from breaches."
Jason Weinstein, deputy assistant attorney general at the Department of Justice, agreed.
"The line between mobile devices and computers is shrinking every day," Weinstein said, noting that this makes it easier for malicious users to create a network of infected computers.
Even as technology evolves, though, today's security threats are "new variations on old problems," Weinstein said. "Before it was email, now it's an android app. It's an old school crime with a new spin."
Weinstein pointed out "there is no comprehensive federal regulation that enforces data breach disclosure," using as an example the theft of millions of email addresses from marketing firm Epsilon earlier this year.
Jessica Rich, deputy director of the Bureau of Consumer Protection at the Federal Trade Commission, said the FTC believes "consumers have no idea about the layers of sharing [data] that goes on behind the scenes."
Rich suggested prohibiting apps from collecting location information "if it's not necessary to the business model," as well as "streamlined" terms of service "that don't take 100 clicks to get through."
The Apple and Google executives will testify later on Tuesday, in addition to independent security experts.
For its part, Apple released a 10-part Q&A and statement two weeks ago admitting to a lack of transparency. It also promised a software update to fix a "bug" that retained data for more than a year instead of the intended few days .
Meanwhile, Google has said its Android devices collect location data, but only with users' consent. Any location data that is sent back to Google location servers is not tied or traceable to a specific user, according to the company.