:format(webp)/cdn.vox-cdn.com/uploads/chorus_image/image/60312883/capitoldome23.0.jpg)
Last week, reports surfaced confirming that third-party app developers were capable of reading emails belonging to millions of Gmail accounts. Today, Congress is demanding Google supply answers to a variety of privacy-related questions following the scandal.
Top Republicans on the House Energy and Commerce Committee sent letters to both Apple and Alphabet today that asked a slew of questions regarding privacy issues. The most targeted questions were aimed at Alphabet’s CEO, Larry Page, regarding last week’s report in The Wall Street Journal, but also extended to issues like audio collection and location tracking.
The committee pointed out that even though Google announced last year that it would stop scanning user emails to better target advertisements, the company still allowed third-parties to peer into emails and content, raising privacy concerns. These third-parties were able to look in after users allowed them access by checking off on a significantly vague approval box. “Google still permitted third parties to access the contents of users’ emails, including message text, email signatures, and receipt data, to personalize content,” the letter said. “In the context of free services offered by third parties, these practices raise questions about how representations made by a platform are carried out in practice.”
In the letter to Tim Cook, congressional Republicans ask about their perceived hypocrisy in Apple touting how committed the company is to privacy, but also allowing apps created by Google and Facebook, which the committee called “contradictory to Apple’s values,” to be downloaded through the App Store. “These statements and actions raise questions about how Apple device users’ data is protected and when it is shared and compiled,” the letter said.
When it came to other data collection questions, the lawmakers seemed curious as to whether locally stored location information on a device could be shared to Google, Apple, or third-party developers even if users turned off their location services. The lawmakers also seemed concerned whether audio could be recorded from devices even if a trigger phrase like “Okay, Google” isn’t said.
Overall, the questions were detailed and should provide some insight into how data is serviced to third-party players by both Apple and Google. The committee requested that all questions be answered and returned by July 23rd.
WASHINGTON, DC – The Energy and Commerce Committee today sent letters to Apple CEO Tim Cook and Alphabet CEO Larry Page to probe the companies’ representation of third-party access to consumer data, and the collection and use of audio recording data as well as location information via iPhone and Android devices.
The letters were signed by full committee Chairman Greg Walden (R-OR), Communications and Technology Subcommittee Chairman Marsha Blackburn (R-TN), Oversight and Investigations Subcommittee Chairman Gregg Harper (R-MS), and Digital Commerce and Consumer Protection Subcommittee Chairman Bob Latta (R-OH).
The leaders pose to both Mr. Cook and Mr. Page, “Recent reports have also suggested that smartphone devices can, and in some instances, do, collect ‘non-triggered’ audio data from users’ conversations near a smartphone in order to hear a ‘trigger’ phrase, such as ‘okay Google’ or ‘hey Siri.’ It has also been suggested that third party applications have access to and use this ‘non-triggered’ data without disclosure to users.”
The letter to Mr. Cook reads, “In the wake of the privacy scandals that surfaced earlier this year, you made several comments to the press around Apple’s beliefs about privacy, including ‘[w]e’ve never believed that these detailed profiles of people that have incredibly deep personal information that is patched together from several sources should exist.’ However, users have consistently had access to apps through the App Store that you have highlighted as contradictory to Apple’s values, including Google and Facebook apps. Only a few weeks ago Apple announced changes to its App Store rules that were characterized as attempting to limit how much data third-party app developers can collect from Apple device users. These statements and actions raise questions about how Apple device users’ data is protected and when it is shared and compiled.”
The letter to Mr. Page reads, “In June 2017, Google announced changes to Gmail that would halt scanning the contents of a user’s email to personalize advertisements to ‘keep privacy and security paramount.’ Last week, reports surfaced that in spite of this policy change, Google still permitted third parties to access the contents of users’ emails, including message text, email signatures, and receipt data, to personalize content. In the context of free services offered by third parties, these practices raise questions about how representations made by a platform are carried out in practice.”
To read the letter to Apple CEO Tim Cook, click here.
To read the letter to Alphabet CEO Larry Page, click here.