Feeds

US Senate weighs in on phone tracking

Stern letters dispatched

Intelligent flash storage arrays

The House Energy and Commerce Committee has asked the bigger phone platforms to explain their policy on tracking customers, ahead of hearings on the subject scheduled for 10 May.

The Committee has written to Microsoft, Nokia, RIM and HP as well as Apple and Google, but only the latter two have been asked to attend the hearings and explain what data they are collecting, how they're ensuring that data is secured, and how users opt out of being tracked.

The letters, to which the companies are expected respond by 9 May, ask specific questions about what location data is collected, where that data is stored and who has access to it, as well as whether the data is shared with any third parties. The companies are also asked to explain how a user might "opt out" of being tracked in such a way, and how such an option is advertised.

The letter to Apple (18-page PDF/511 KB) is particularly interesting as it includes the company's response to a similar enquiry made last year, and asks if Apple has changed its policy in the intervening time (and, if so, why the US Congress wasn't informed).

At a glance Apple's terms and conditions seem vague enough to permit everything of which the company has been accused, but the lawyers on both sides will no doubt be taking a much closer look.

An important point about the recent revelations is the storage of location data on the handset, as well as the servers. That's significant as it allows many more people to potentially access the data. Law enforcement can already get location information, including historical information, from network operators but that requires paperwork and expenses which are dependent on the level of judicial oversight imposed by the local laws.

Information scooped out of a handset, on the other hand, is generally available without bothering a magistrate or Single Point of Contact* – perhaps even during an unrelated traffic stop if you happen to be in Michigan, allowing the police officer access to historical location data with little or no judicial oversight.

The GSM SIM already provides access to recent call location, and sometimes the last tower to which the phone was connected, without mucking about with network operators or additional paperwork, but allowing anyone with access to the phone to know everywhere it has been seems a step too far.

A public debate on the subject is long overdue, and we can only hope that the 10 May hearings will provide just that. ®

* The person(s) through whom UK police make information requests of mobile network operators.

Security for virtualized datacentres

More from The Register

next story
Crouching tiger, FAST ASLEEP dragon: Smugglers can't shift iPhone 6s
China's grey market reports 'sluggish' sales of Apple mobe
Sea-Me-We 5 construction starts
New sub cable to go live 2016
EE coughs to BROKEN data usage metrics BLUNDER that short-changes customers
Carrier apologises for 'inflated' measurements cockup
Comcast: Help, help, FCC. Netflix and pals are EXTORTIONISTS
The others guys are being mean so therefore ... monopoly all good, yeah?
Surprise: if you work from home you need the Internet
Buffer-rage sends Aussies out to experience road rage
EE buys 58 Phones 4u stores for £2.5m after picking over carcass
Operator says it will safeguard 359 jobs, plans lick of paint
MOST iPhone strokers SPURN iOS 8: iOS 7 'un-updatening' in 5...4...
Guess they don't like our battery-draining update?
prev story

Whitepapers

A strategic approach to identity relationship management
ForgeRock commissioned Forrester to evaluate companies’ IAM practices and requirements when it comes to customer-facing scenarios versus employee-facing ones.
Storage capacity and performance optimization at Mizuno USA
Mizuno USA turn to Tegile storage technology to solve both their SAN and backup issues.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Beginner's guide to SSL certificates
De-mystify the technology involved and give you the information you need to make the best decision when considering your online security options.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.