Last week, The Wall Street Journal reported that third-party app developers may have had access to emails from millions of Gmail accounts.
This week, Congress Republicans responded to the reports by asking pointed questions to both Apple and Alphabet, Google’s parent company, relating to customer privacy and ranging from the aforementioned reports to audio collection and company practices that seem contradictory to their stated “values”.
The Energy and Commerce Committee sent letters to Apple CEO Tim Cook and Alphabet CEO Larry Page; these letters were signed by Republicans Greg Walden (Energy and Commerce Committee Chairman), Marsha Blackburn (Communications and Technology Subcommittee Chairperson), Gregg Harper (Oversight and Investigations Subcommittee Chairman) and Bob Latta (Digital Commerce and Consumer Protection Subcommittee Chairman).
A section of the letter to Larry Page reads:
In June 2017, Google announced changes to Gmail that would halt scanning the contents of a user’s email to personalize advertisements to ‘keep privacy and security paramount.’ Last week, reports surfaced that in spite of this policy change, Google still permitted third parties to access the contents of users’ emails, including message text, email signatures, and receipt data, to personalize content. In the context of free services offered by third parties, these practices raise questions about how representations made by a platform are carried out in practice.”
A section of the letter to Tim Cook reads:
In the wake of the privacy scandals that surfaced earlier this year, you made several comments to the press around Apple’s beliefs about privacy, including ‘[w]e’ve never believed that these detailed profiles of people that have incredibly deep personal information that is patched together from several sources should exist.’ However, users have consistently had access to apps through the App Store that you have highlighted as contradictory to Apple’s values, including Google and Facebook apps. Only a few weeks ago Apple announced changes to its App Store rules that were characterized as attempting to limit how much data third-party app developers can collect from Apple device users. These statements and actions raise questions about how Apple device users’ data is protected and when it is shared and compiled.
The letters in full ask questions of both companies relating to their storage of user data and whether locally stored information could be accessed by third parties even if users turned off location services.
They also made a point of questioning the companies about how their audio-recording triggers work, and whether any audio could be captured without these trigger phrase being used.
Another privacy scandal cannot be a good thing for either Apple or Google, both of whom have faced serious questions over their dedication to data security over the last few years. We’ll see how this unfolds.