Feeds

US Senate weighs in on phone tracking

Stern letters dispatched

Security for virtualized datacentres

The House Energy and Commerce Committee has asked the bigger phone platforms to explain their policy on tracking customers, ahead of hearings on the subject scheduled for 10 May.

The Committee has written to Microsoft, Nokia, RIM and HP as well as Apple and Google, but only the latter two have been asked to attend the hearings and explain what data they are collecting, how they're ensuring that data is secured, and how users opt out of being tracked.

The letters, to which the companies are expected respond by 9 May, ask specific questions about what location data is collected, where that data is stored and who has access to it, as well as whether the data is shared with any third parties. The companies are also asked to explain how a user might "opt out" of being tracked in such a way, and how such an option is advertised.

The letter to Apple (18-page PDF/511 KB) is particularly interesting as it includes the company's response to a similar enquiry made last year, and asks if Apple has changed its policy in the intervening time (and, if so, why the US Congress wasn't informed).

At a glance Apple's terms and conditions seem vague enough to permit everything of which the company has been accused, but the lawyers on both sides will no doubt be taking a much closer look.

An important point about the recent revelations is the storage of location data on the handset, as well as the servers. That's significant as it allows many more people to potentially access the data. Law enforcement can already get location information, including historical information, from network operators but that requires paperwork and expenses which are dependent on the level of judicial oversight imposed by the local laws.

Information scooped out of a handset, on the other hand, is generally available without bothering a magistrate or Single Point of Contact* – perhaps even during an unrelated traffic stop if you happen to be in Michigan, allowing the police officer access to historical location data with little or no judicial oversight.

The GSM SIM already provides access to recent call location, and sometimes the last tower to which the phone was connected, without mucking about with network operators or additional paperwork, but allowing anyone with access to the phone to know everywhere it has been seems a step too far.

A public debate on the subject is long overdue, and we can only hope that the 10 May hearings will provide just that. ®

* The person(s) through whom UK police make information requests of mobile network operators.

Protecting against web application threats using SSL

More from The Register

next story
Brit telcos warn Scots that voting Yes could lead to HEFTY bills
BT and Co: Independence vote likely to mean 'increased costs'
Phones 4u slips into administration after EE cuts ties with Brit mobe retailer
More than 5,500 jobs could be axed if rescue mission fails
New 'Cosmos' browser surfs the net by TXT alone
No data plan? No WiFi? No worries ... except sluggish download speed
Radio hams can encrypt, in emergencies, says Ofcom
Consultation promises new spectrum and hints at relaxed licence conditions
Blockbuster book lays out the first 20 years of the Smartphone Wars
Symbian's David Wood bares all. Not for the faint hearted
Bonking with Apple has POUNDED mobe operators' wallets
... into submission. Weve squeals, ditches payment plans
This flashlight app requires: Your contacts list, identity, access to your camera...
Who us, dodgy? Vast majority of mobile apps fail privacy test
prev story

Whitepapers

Providing a secure and efficient Helpdesk
A single remote control platform for user support is be key to providing an efficient helpdesk. Retain full control over the way in which screen and keystroke data is transmitted.
WIN a very cool portable ZX Spectrum
Win a one-off portable Spectrum built by legendary hardware hacker Ben Heck
Saudi Petroleum chooses Tegile storage solution
A storage solution that addresses company growth and performance for business-critical applications of caseware archive and search along with other key operational systems.
Protecting users from Firesheep and other Sidejacking attacks with SSL
Discussing the vulnerabilities inherent in Wi-Fi networks, and how using TLS/SSL for your entire site will assure security.
Security for virtualized datacentres
Legacy security solutions are inefficient due to the architectural differences between physical and virtual environments.