Is There An App For This? Congress Asks Disclosure From 34 iOS Publishers

In an App Store of over 500,000 selections, content discovery is notoriously hard. But it wasn’t hard for Congressional staffers to root out 34 sellers of social apps in the iOS market this week. The Energy and Commerce Committee’s head Henry Waxman and Commerce, Manufacturing, and Trade Subcommittee ranking member GK Butterfield issued letters to some of the highest profile app publishers on mobile platforms yesterday, each asking in detail about the data the companies harvest from devices.

The effort was sparked by the revelations last month that the social tracking app Path and other iOS apps had been shown to pull address book information off the devices on which they were installed. Subsequent reports showed that some apps could access a range of user data on phones, including photos, often without asking for permission.

As part of its fact-finding effort, the Congressmen sent letters to the CEOs of some of the most popular apps they found in the social media category fo the app store. Letters were sent to Apple’s CEO Tim Cook, Twitter’s Dick Costolo, foursquare’s Dennis Crowley, Facebook’s Mark Zuckerberg, Pinterest’s Ben Silbermann and many others.

The form letters outline a litany of data and responses the committees are harvesting. The Committee is asking for the following information about specific apps named in the letters:

  • Number of app downloads through end of February 2012
  • A copy of the privacy policy and its availability to users
  • Whether the app accessed the address book
  • Whether the publisher stored information from the address book and how any of that information was kept secure
  • Transmission or use of any other information about or from the user device, including phone number, email account, calendar, photo gallery, WiFi connection log, Unique Identifier, MAC address
  • Purposes for using information from the device

    Especially interesting is one of the final requests, referencing the ways in which publishers interpret Apple’s own iOS Developer Program License Agreement. According to the letters, the agreement says that apps “may not collect user or device data without prior user consent, and then only to provide a service or function that is directly relevant to the use of the Application, or to serve advertising.” The letters ask the app makers to clarify how they read this license. How, for instance, do publishers define which user and device data requires users' prior consent before the app accesses it? How do  publishers distinguish between “user data” and “device data”? And then the Congressmen go on to ask which of the harvested data points are directly relevant to the apps.

    Waxman and Butterfield’s line of questioning suggests a couple of trajectories for these investigations, and so some indication of the kinds of recommendations and regulatory proposals we might see come from it. First, they are teasing out the unique layered relationship apps have between maker and user. Their focus on Apple’s own licensing agreement suggests they plan to explore the wiggle room the policy either makes or that app makers take from it.

    Even more importantly, the questions make the connection between data collected and its actual relevance to the app’s functionality and user benefit. I suspect we will see more focus on this theme in the coming year. For a long time the digital media world boasted of “all this data” rendered by user interactions with content. Years ago, at a Mobile Marketing Association forum, I heard the head of content at AT&T (then Cingular) tell the audience that the carrier was indeed sitting on mountains of data -- but that it didn’t even know what it had in there.

    The data on user interaction with mobile content and devices had never been collected with marketing or any other aim in mind. Some startups collected enormous amounts of user data on the premise that at some point it could be made into useful products and services for marketers or users.

    Those days may be coming to an end. What may come out of government scrutiny is the end of simply harvesting data on spec. We can foresee either self-regulatory measures or government agency guidelines that call for app makers to be very specific not only about what they are taking from a user device, but also how it is being used.

    This is precisely the kind of linkage the data industries need to move forward. At the recent OMMA Data and Behavioral event, Organic's executive director of mobile marketing, Rachel Pasqua, made an important point about the ways in which mobile apps have gotten people more accustomed to permission-based data gathering. Every time Apple or an app asks for permission to track your location, you are opting in to a system of data collection. Users are getting used to exchanging data for service. A conversation about data is being surfaced and initiated here. The important piece is that the data rendered is associated with a real benefit. That is the kind of discipline about data use and communication with users that could build better relationships with consumers -- and build better apps. 

    Recommend (7)