Senator Charles E. Schumer has called for the Federal Trade Commission to launch an investigation into reports that smartphone applications sold on the Apple and Android platforms are allowed to steal private photos and customers address books.
This past week, the New York Times revealed that iPhone and Android applications downloaded by users can actually gain access to a customer’s private photo collection, and in some cases share the information online. This latest report comes on the heels of the discovery last month that applications on Apple devices like the iPhone and iPad were able to upload entire address books with names, phone numbers, and email address to their own servers. In both cases, users were not notified that their private information stored on their phone and or iPad could be copied and used by third party applications.
“When someone takes a private photo, on a private cell phone, it should remain just that: private,” said Schumer. “Smartphone developers have an obligation to protect the private content of their users and not allow them to be veritable treasure troves of private, personal information that can then be uploaded and distributed without the consumer’s consent.”
According to reports by independent technologists, two separate loopholes, one in the Apple operating system and one in the Android operating system, allow apps to gather users’ photos. In the case of Apple, if a user allows the application to use location data, which is used for GPS-based applications, they also allow access to the user’s photo and video files that can be uploaded to outside servers. In the case of Android-based applications, the user only needs to allow the application to use Internet services as part of the app for third parties to gain access to photo albums.
“It sends shivers up the spine to think that one’s personal photos, address book, and who-knows-what-else can be obtained and even posted online – without consent. If the technology exists to open the door to this kind of privacy invasion, then surely technology exists to close it, and that’s exactly what must happen. The rapid innovation in technology, which is wonderful, must not also become an open invitation to violate people’s privacy willy-nilly. When a consumer makes a private phone call or sends a letter the old fashioned way, they have a very reasonable expectation that the communication is private. The same standard must apply to our new technologies, too,” continued Schumer.
Two weeks ago it was revealed that some of the most popular applications for smart phones were routinely collecting personal data from users’ address books, despite policies in place from smartphone makers like Apple that explicitly prohibit such action without the prior consent of the user. After reports revealed this widespread practice, several applications announced they would end the practice. Questions remain, however, over the implementation of security policies employed by smartphone manufacturers and their oversight of applications sold on their platforms.
Schumer today, in a letter to the Federal Trade Commission, called for the agency to launch a comprehensive investigation to explicitly determine whether copying or distributing personal information from smartphones, without a user’s consent, constitutes an unfair or deceptive trade practice. Schumer is also urging the agency to require smart phone makers put in place safety measures to ensure third party applications are not able to violate a user’s personal privacy by stealing photographs or data that the user did not consciously decide to make public.