Feeds

US Senate weighs in on phone tracking

Stern letters dispatched

Seven Steps to Software Security

The House Energy and Commerce Committee has asked the bigger phone platforms to explain their policy on tracking customers, ahead of hearings on the subject scheduled for 10 May.

The Committee has written to Microsoft, Nokia, RIM and HP as well as Apple and Google, but only the latter two have been asked to attend the hearings and explain what data they are collecting, how they're ensuring that data is secured, and how users opt out of being tracked.

The letters, to which the companies are expected respond by 9 May, ask specific questions about what location data is collected, where that data is stored and who has access to it, as well as whether the data is shared with any third parties. The companies are also asked to explain how a user might "opt out" of being tracked in such a way, and how such an option is advertised.

The letter to Apple (18-page PDF/511 KB) is particularly interesting as it includes the company's response to a similar enquiry made last year, and asks if Apple has changed its policy in the intervening time (and, if so, why the US Congress wasn't informed).

At a glance Apple's terms and conditions seem vague enough to permit everything of which the company has been accused, but the lawyers on both sides will no doubt be taking a much closer look.

An important point about the recent revelations is the storage of location data on the handset, as well as the servers. That's significant as it allows many more people to potentially access the data. Law enforcement can already get location information, including historical information, from network operators but that requires paperwork and expenses which are dependent on the level of judicial oversight imposed by the local laws.

Information scooped out of a handset, on the other hand, is generally available without bothering a magistrate or Single Point of Contact* – perhaps even during an unrelated traffic stop if you happen to be in Michigan, allowing the police officer access to historical location data with little or no judicial oversight.

The GSM SIM already provides access to recent call location, and sometimes the last tower to which the phone was connected, without mucking about with network operators or additional paperwork, but allowing anyone with access to the phone to know everywhere it has been seems a step too far.

A public debate on the subject is long overdue, and we can only hope that the 10 May hearings will provide just that. ®

* The person(s) through whom UK police make information requests of mobile network operators.

The smart choice: opportunity from uncertainty

More from The Register

next story
Auntie remains MYSTIFIED by that weekend BBC iPlayer and website outage
Still doing 'forensics' on the caching layer – Beeb digi wonk
Apple orders huge MOUNTAIN of 80 MILLION 'Air' iPhone 6s
Bigger, harder trouser bulges foretold for fanbois
GoTenna: How does this 'magic' work?
An ideal product if you believe the Earth is flat
Telstra to KILL 2G network by end of 2016
GSM now stands for Grave-Seeking-Mobile network
Seeking LTE expert to insert small cells into BT customers' places
Is this the first step to a FON-a-like 4G network?
Yorkshire cops fail to grasp principle behind BT Fon Wi-Fi network
'Prevent people that are passing by to hook up to your network', pleads plod
BlackBerry: Toss the server, mate... BES is in the CLOUD now
BlackBerry Enterprise Services takes aim at SMEs - but there's a catch
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Boost IT visibility and business value
How building a great service catalog relieves pressure points and demonstrates the value of IT service management.
Designing a Defense for Mobile Applications
Learn about the various considerations for defending mobile applications - from the application architecture itself to the myriad testing technologies.
Build a business case: developing custom apps
Learn how to maximize the value of custom applications by accelerating and simplifying their development.