US Congress Queries Apple, Google On Data Collection Practices

The US Congress has sent data protection queries to Apple and Google parent Alphabet, in the latest sign that the political furore stirred up by Facebook’s Cambridge Analytica scandal could spread to other tech giants.

The House Committee on Energy and Commerce this week released letters sent to Apple chief Tim Cook and Alphabet head Larry Page asking for details on how the companies protect users’ privacy, with a number of the questions focusing on the two firms’ market-leading smartphone platforms.

The letters were signed by committee chair Greg Walden and the heads of three of the panel’s sub-committees.

Thus far, Apple and Google have avoided any direct fallout from the Cambridge Analytica row, which involved the now-defunct political consultancy allegedly misusing the personal details of 87 million Facebook users in the 2016 Trump campaign.

User tracking

Apple’s Cook even contrasted his company’s practices with those of Facebook, a claim the House committee took a swipe at by noting that Apple freely allows software from the likes of Facebook and Google on its smartphones, even while highlighting those companies’ apps as “contradictory to Apple’s values”.

The questions make reference to recent press reports, including a claim by Quartz that Android phones sometimes track location even when users have expressly disabled it and a Wall Street Journal report that Google allows third-party developers to read users’ emails.

Some questions focus on offline data collection through location services, cell towers, Wi-Fi hotspots and Bluetooth connections.

“Considering that many consumers likely believe that a phone that lacks a SIM card, or one for which they have affirmatively disabled location services, Wi-Fi, or Bluetooth – such as through turning on ‘Airplane Mode’ – is not actively tracking them, this alleged behavior is troubling,” the letters read.

The letters also ask about digital assistants such as Apple’s Siri and whether they may sometimes listen to the surrounding environment and make recordings.

GDPR rights

Other questions are more general, including asking how the firms ensure apps comply with developer guidelines and are not improperly acquiring users’ data, as Cambridge Analytica is alleged to have done.

The companies are asked to reply by 23 June.

Apple declined to comment, while Google said: “Protecting our users’ privacy and securing their information is of the utmost importance. We look forward to answering the committee’s questions.”

Data protection issues have taken on additional urgency with the introduction in late May of the General Data Protection Regulation (GDPR), which gives regulators the power to impose large fines for improper collection and processing of user data.