{{ site.title }}

Apple, Google grilled on mobile privacy

Last Updated on May 26, 2011, 8:36 pm ET

A Guest Post by ARL Law and Policy Fellow Kristen Riccard

On May 11, the US Senate Judiciary Committee’s newly formed Subcommittee on Privacy, Technology, and the Law, held its first hearing, appropriately titled “Protecting Mobile Privacy: Your Smartphones, Tablets, Cell Phones and Your Privacy.” The committee questioned six witnesses—including representatives from Apple, Google, the Federal Trade Commission (FTC), and the Department of Justice (DOJ)—on the privacy implications and the potential cyber-security threats posed by the use of mobile devices and applications as well as the ability of mobile application providers to collect, store, and share consumer location data. The hearing was conducted as Congress considers updating federal privacy laws. While lawmakers noted that they would be cautious before drafting laws that hinder innovation and openness, several Subcommittee members appeared skeptical of the companies’ dedication to protecting consumer data.

After opening statements by Subcommittee Chairman Al Franken and Senate Judiciary Committee Chairman Patrick Leahy expressing deep concern over the recent privacy flaws in Apple’s and Google’s devices, members of the Subcommittee questioned a panel composed of a witness from the Criminal Division of the DOJ and a witness from the Consumer Protection Bureau of the FTC. This first panel was questioned on the potential for mobile technology to increase the risk of cyber crimes, identity theft, stalking, and consumer fraud. While both witnesses detailed the threat that mobile device information poses to consumer privacy, Jason Weinstein of the DOJ insisted that mobile application providers should retain users’ location information for the purposes of assisting law enforcement in criminal investigations.

An even more impassioned round of questions followed for the second panel of witnesses, which included representatives from Google and Apple. Several Senators admonished the two companies for their failure to adequately protect users’ location information or impose privacy requirements on application providers. While Google’s public policy director Alan Davidson attempted to defend the company’s policies by explaining that the Android platform relies on an “opt-in” system when sharing a user’s information, he did admit that the company does not require application providers to adhere to a specific privacy policy. Similarly, Apple’s VP of Software Technology Guy L. Tribble noted that Apple does not have a privacy policy but instead requires app providers to give clear notice to consumers of what information the app seeks to use—arguing that such a system is more effective than a privacy policy. The companies repeatedly emphasized their desire to maximize openness and innovative business developments.