United States will ask the Cook answered user information has been uploaded before the 29th issue
Beijing time on February 16, according to foreign media reports, the United States Congress on Wednesday sent a letter to the company, its CEO Tim-Cook (Tim Cook) before February 29, application developers are not authorized to access the user’s personal address book data give a reply.
Last week, headquartered in the San Francisco start-up Path launched a social network similar to Facebook applications. Blogger Allen-taimupi (Arun Thampi) revealed in his blog, under Path without his consent, access and collect his iPhone address book information. Subsequently, the Path CEO Dave-Merlin (Dave Morin) quickly on this issue the apology, and acknowledge that the company does wrong.
In a letter to Cook’s letter, United States House of Representatives Committee on energy and Commerce Democrats-Henry Waxman (Henry Waxman) and-Butterfield (G.K. Butterfield) asked the Cook to indicate “on protect iPhone users and their contact information, is there a flaw in its iOS developer policies and guidelines. ”
At the same time, Apple spokesman Tom-nuoyimeier (Tom Neumayr) responded on Wednesday said: “before the application without user permission to collect or transmit user data, contrary to our developer guidelines. As address location data issues before, and we are working to improve this problem. On the future release of the software, any application that wants to use the contact data must obtain the express consent of the user. ”
Following is the full text of the letter of two members of Congress:
The iOS application independent developer Allan-taimupi (Arun Thampi) wrote in his blog, he discovered that mobile social networking application Path in case without securing his agreement, access and collect information of his iPhone address book. This information is being collected without his permission–at the same time or, with the consent of his license – for a contact includes the contact’s full name, phone number, and e-mail address.
In TAME CO skin announced this a found and media of disclosure zhihou, Path joint founder and CEO Dave-Marlin (Dave Morin) has quickly to for has apologized, and commitment will will from Path of server among delete the company from user phone in the gets of all contact information, and will launched a paragraph update version of Path application, which will will let user right to themselves select is upload they address book among of contact people information.
This event set to the external policy questions on Apple iOS app developers, that is, protect iPhone users and their contact information, its policies and guidelines is there a flaw in iOS developers.
IOS application developers in your company data management section of the site clearly points out: “iOS has a complete system of tools and frameworks to help you store, access and share data iOS applications can even access to a device’s global information, including contact information for users in the address book, and picture files in the pictures library, and so on. ”
While your app store censorship were pointed out: “we will be on the app store every product from the technology, content, and design standards to review. Users can use the app store reviews to see details of the standard of review of the Ordinance. “However the regulation can only be used by registered iOS application developers view. Technology blog authors, according to track Path scandals, iOS application has in fact made it clear that the application of the Ordinance in the “before you get information from the user” needs to agree on the prior consent of the user.
Despite the provisions of this Ordinance, but reports that “many iOS app developers have reached an unwritten agreement, that is, they can be taken for granted on the premise of not obtaining user authorization granted, users of address book contact information on a remote server, and then save them for future use. This practice was common, and many probably would have address book information you have stored in their database. ”
Has one blog writer said, he had on a hot of application developers do had once investigation, results displayed 15 a people among has 13 a people are has a copies “millions of people of address book contact database”, which has a a people also said he of database in the including has “Facebook CEO Mark-Zuckerberg (Mark Zuckerberg) of phone number, and Oracle CEO Larry-Ellison (Larry Ellison) ‘s home phone and Bill Gates (Bill Gates) cell phone number. ”
In fact, the old version of the Path was justifiably get on the Apple iTunes Store app store, and still have contact information without the user’s permission to collect user address book feature, which makes the outside world had to question Apple’s review of policy is a mere formality. To better clarify these questions to the outside world, we require your company to respond to the following questions:
1, promulgated the Ordinance which relate to the iOS application applications can access user details the privacy and security of data entry or transmission.
2, please detail your company is how to judge whether an application can pass the audit requirement.
3, your company will need to be approved by the authorized users before the transfer “of user-related data” be defined?
Based on 4, in issue # 2, please provide details about your company is how to judge whether an app will transfer “of user-related data”, as well as whether the operation requires approval from the user.
5, in the United States iTunes store, how many iOS applications will transfer “and user-related information”?
6, does your company information in your address book as a “data relating to the user”?
7, do you think the content is associated with a contact in your address book data? If you don’t think so, please give a reason. Please explain how you will protect the privacy of user contact information and security requirements.
8, in the United States iTunes store, how many iOS application will upload information from the user’s address book in the address book? And how many of these applications has been approved by the authorized user before upload information?
9, you have in your device settings to be able to fully close geographic positioning information transfer, or can be based on various applications to separate close. Please explain why you do not have the address book information to the same protections.
Please answer in a timely manner prior to the February 29, 2012 we related issues raised above. If you have any questions about our problems, you can contact the staff of the House Committee on energy and Commerce Fei Li Pei-Mendoza (Felipe Mendoza), Tel 202-226-3,400.
Henry-Mr Waxman
G.K. debate
Text/Tencent technology