Franken Demands Answers from Steve Jobs
Sen. Al Franken (D-MN) wants answers. Security researchers Wednesday revealed the existence of a file on iPhones and on their computer backups that logs detailed cell phone triangulation data — and has ever since iOS 4 was released last summer. The information is stored unencrypted by default, and is simple to access. That announcement led Franken to fire off a two-page letter (PDF), asking nine pointed questions of Apple CEO Steve Jobs.
Franken first outlines scenarios in which the release of this data could pose a problem. “Anyone who gains access to this single file could likely determine the location of the user’s home, the businesses he frequents, the doctors he visits, the schools his children attend, and the trips he has taken over the past months or even a year,” he writes. Which raises the obvious question: how would an attacker get access to the data?
1. Why does Apple collect and compile this location data? Why did Apple choose to initiate tracking this data in its iOS 4 operating system?
2. Does Apple collect and compile this location data for laptops?
3. How is this data generated? (GPS, cell tower triangulation, Wi-Fi triangulation, etc.)
4. How frequently is a user’s location recorded? What triggers the creation of a record of someone’s location?
5. How precise is this location data? Can it track the users location to 50 m, 100 m, etc.?
6. Why is this data not encrypted? What steps will Apple take to encrypt the data?
7. Why were Apple consumers never affirmatively informed of the collection and retention of their location data in this manner? Why did Apple not seek affirmative consent before doing so?
8. Does Apple believe that this conduct is permissible under the terms of its privacy policy?
9. To whom, if anyone, including Apple, has this data been disclosed? When and why were these disclosures made?
2. Does Apple collect and compile this location data for laptops?
3. How is this data generated? (GPS, cell tower triangulation, Wi-Fi triangulation, etc.)
4. How frequently is a user’s location recorded? What triggers the creation of a record of someone’s location?
5. How precise is this location data? Can it track the users location to 50 m, 100 m, etc.?
6. Why is this data not encrypted? What steps will Apple take to encrypt the data?
7. Why were Apple consumers never affirmatively informed of the collection and retention of their location data in this manner? Why did Apple not seek affirmative consent before doing so?
8. Does Apple believe that this conduct is permissible under the terms of its privacy policy?
9. To whom, if anyone, including Apple, has this data been disclosed? When and why were these disclosures made?
No comments:
Post a Comment