34 iOS app makers at center of congressional inquiry on data collection practices

Not satisfied with Apple’s updated privacy policies, members of a congressional subcommittee dedicated to consumer protection have gone directly to the makers of social iOS applications and are demanding answers on how these apps access personal data.

G.K. Butterfield and Henry Waxman, ranking members of the Energy and Commerce Committee, sent inquiry letters Thursday to makers of 34 different social applications, including Twitter, Facebook, Foursquare, Path, Pinterest, Socialcam, Foodspotting, and even Apple, which makes and distributes the Find My Friends location-based application.

The letters represent the congressmen’s third attempt to get to the bottom of a data privacy scandal involving many of today’s hottest social networking companies. The issue came to light after it was discovered that Path and many social applications access, transmit, and store personal data including address book information and photos. Butterfield and Waxman, with the expressed interest of wanting to protect consumers, have sent Apple two formal inquiries and are now routing around the gatekeeper to get to the heart of the matter.

The letters delivered Thursday are mostly identical in nature and include nine different questions designed to determine the exact types of information app makers collect from users, their policies governing collection and usage, their understanding of Apple’s policies, whether they transmit the data in question, and if they store that data (and for how long).

“We are writing to you because we want to better understand the information collection and use policies and practices of apps for Apple’s mobile devices with a social element,” the congressmen said in the letters. The letter delivered to Twitter is included below.

Several of the questions ask for specifics on data collection practices. One question reads: “At any time, has your iOS app transmitted or have you stored any other information from or about a user’s device — including, but not limited to, the user’s phone number, email account information, calendar, photo gallery, WiFi connection log, the Unique Device Identifier (UDID), a Media Access Control (MAC) address, or any other identifier unique to a specific device?”

The congressional committee is requesting that application makers respond to the questions in written form no later than April 12, three weeks from today. The congressmen did not detail how they plan to address application sellers they believe violate the privacy rights of consumers, but did indicate that they hope to build a “fact-based understanding of the privacy and security practices in the app marketplace.”

Photo credit: THEMACGIRL*/Flickr

Contemplating expanding your business to Asia? Sign up for a free VB webinar this Thursday 3/22 at 1pm PT. You’ll benefit from actionable tips and lessons learned as VB Executive Editor Dylan Tweney moderates a lively discussion with a group of Silicon Valley CEOs about their experience in using Singapore as a hub for Asian expansion. There will also be an attendee Q&A portion directly following the session. For full details, go here.