Feeds

Apple details privacy policies for US Congressmen

Not sharing location info with carriers

The Essential Guide to IT Transformation

Apple has sent Congress an explanation of its location-based information-gathering and privacy policies.

The 13-page letter letter from Apple's general counsel Bruce Sewell sent on July 12, in direct response to a "Dear Mr. Jobs" letter penned late last month by US Representatives Edward J. Markey and Joe Barton, co-chairs of the House Bi-Partisan Privacy Caucus.

Markey and Barton's letter, which included nine specific questions, was prompted by modifications to Apple's overall Privacy Policy, and to the Terms and Conditions with which you must agree before downloading items from the iTunes Store or App Store. Those modifications included the following:

To provide location-based services on Apple products, Apple and our partners and licensees may collect, use, and share precise location data, including the real-time geographic location of your Apple computer or device. This location data is collected anonymously in a form that does not personally identify you and is used by Apple and our partners and licensees to provide and improve location-based products and services. For example, we may share geographic location with application providers when you opt in to their location services.

That language raised a red flag not only to Markey and Barton, but also to many an Apple customer concerned about his or her online, location, and personal-information privacy.

Sewell's letter is intended to calm those concerns. He says, among other things:

  • "...customers have always had the ability to turn 'Off' all location-based service capabilities with a single 'On/Off' toggle switch."
  • "Apple has always required express customer consent when any application requests location-based information for the first time... The customer is asked: 'Don't Allow' or 'OK.' If the customer clicks on 'Don't allow,' no location-based information will be collected or transmitted..."
  • "iOS 4 permits customers to identify individual applications that may not access location-based information, even though the global location-based service capabilities setting is toggled to 'On'... an arrow icon alerts iOS 4 users that an application is using or has recently used location-based information."
  • "When a customer's device sends Wi-Fi, cell tower, GPS or diagnostic location data to Apple it does not include any information identifying the particular device or user."
  • "Apple maintains a secure database containing information regarding known locations of cell towers and Wi-Fi access points. The information is stored in a database accessible only by Apple and does not reveal personal information about any customer."
  • "...GPS Information is batched on the device, encrypted, and transmitted to Apple over a secure Wi-Fi Internet connection (if available) every twelve hours with a random identification number that is generated by the device every twelve hours. The GPS Information cannot be associated with a particular customer or device."
  • "For customers who do not toggle location-based service capabilities to 'Off,' Apple collects information about the devices's location (latitude/longitude coordinates) when an ad request is made. This information is tranmitted securely to the Apple iAd server... The latitude/longitude coordinates are converted ... to a five-digit zip code... Apple then uses the zip code to select a relevant ad for the customer."

And in response to Markey and Barton's question: "Is Apple sharing consumer location information collected through iPhones and iPads with AT&T or other telecommunications carriers?", Sewell's answer was succinct: "No."

Markey and Barton have released statements that indicated an overall comfort with Sewell's assurances. Markey noted that: "Consumer consent is the key to assessing the adequacy of privacy protections, and Apple's responses provide examples of how consumers can grant or withhold consent in their usage of Apple products."

Barton expressed both praise and misgivings: "While I applaud Apple for responding to our questions, I remain concerned about privacy policies that run on for pages and pages."

Finally, as thorough as Sewell's answers may be — much more info can be found in the letter itself — it's important to remember that the questions Apple was responding to concerned just one type of personalization: location-based services. As The Reg reported earlier this month, Apple does have another ad-targeting trick up it sleeve: your personal iTune Store and App Store buying histories. ®

Build a business case: developing custom apps

More from The Register

next story
Scotland's BIG question: Will independence cost me my broadband?
They can take our lives, but they'll never take our SPECTRUM
Trying to sell your house? It'd better have KILLER mobile coverage
More NB than transport links to next-gen buyers - study
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Speak your brains on SIGNAL-FREE mobile comms firm here
Is goTenna tech a goer? Time to grill CEO, CTO
NBN Co adds apartments to FTTP rollout
Commercial trial locations to go live in September
Samsung Z Tizen OS mobe is post-phoned – this time for good?
Russian launch for Sammy's non-droid knocked back
prev story

Whitepapers

Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Maximize storage efficiency across the enterprise
The HP StoreOnce backup solution offers highly flexible, centrally managed, and highly efficient data protection for any enterprise.