It was only a matter of time before Congress got wind of reports that certain apps have been collecting consumers' address books without their consent. While the social networking app "Path"—which recently received a public flogging for doing just that—was quick to recant the practice, the issue leaves some lawmakers with questions about whether Apple's policies with its app developers leaves consumer privacy unprotected.
In order to seek answers, Rep. Henry Waxman (D-Calif.), ranking member of the House Energy and Commerce Committee, and Rep. G.K. Butterfield (D-N.C.), ranking member of the Commerce, Manufacturing and Trade Subcommittee, sent a letter Wednesday to Apple CEO Tim Cook with a list of questions about the company's developer and consumer privacy policies.
"Claims have been made that 'there is a quiet understanding among many iOS app developers that it is acceptable to send a user's entire address book, without their permission, to remote servers and then store it for future reference. It's common practice, and many companies likely have your address book stored in their database,'" Waxman and Butterfield wrote quoting recent reports.
Apple has until Feb. 29 to respond.
Regardless of Apple's policies, the Mobile Marketing Association, which last month released privacy policy guidelines for mobile apps, says it's up to the app developer to get in line.
If apps don't, congressional intervention is inevitable. "We specifically wrote privacy app guidelines for bullshit like this," said Greg Stuart, the global CEO of the MMA. "The challenge with Apple is they run such a proprietary system that they get tagged for this, but I don't know if they have real culpability. [Path] violated all three MMA guidelines of transparency, notice and choice."
Specifically, MMA's guidelines state: "If the Application collects information from and/or for social networking platforms (e.g., pulling contact information, friends lists, login information, photos or check-ins), the Application should ensure that the prior consent of the user is obtained."
Update:
The usually reticent Apple responded that developers accessing address book data without the consumer's permission are violating Apple's guidelines. "We're working to make this even better for our customers, and as we have done with location services, any app wishing to access contact data will require explicit user approval in a future software release," Apple spokesman Tom Neumayr told AllThingsD.
