Four Democratic lawmakers are urging the Federal Trade Commission to investigate Apple and Google for building tracking identifiers into mobile devices.
Those mobile identifiers “have fueled the unregulated data broker market by creating a single piece of information linked to a device that data brokers and their customers can use to link to other data about consumers,” Senators Ron Wyden (D-Oregon), Elizabeth Warren (D-Massachusetts), Cory Booker (D-New Jersey, and Rep. Sara Jacobs (D-California) say in a letter sent Friday to FTC Chair Lina Khan.
The letter was first reported by The Wall Street Journal.
"The FTC should investigate Apple and Google’s role in transforming online advertising into an intense system of surveillance that incentivizes and facilitates the unrestrained collection and constant sale of Americans’ personal data," the letter states.
The lawmakers add that Apple and Google "have failed to inform consumers of the privacy and security dangers involved in using those products."
Google's operating system for Android includes an id identifier -- a pseudonymous alphanumeric string -- that developers can access to track people across mobile apps. Android phones have a setting that allows consumers to opt out of receiving personalized ads.
Apple, which also has an alphanumeric identifier (the "Identifier for Advertisers") in its operating system, currently requires companies to obtain consumers' consent before drawing on the identifier for advertising purposes. But the company did not always do this.
When Apple rolled out the first iPhones, they came with unique device identifiers -- comparable to serial numbers -- that developers were able to harness to track users across mobile apps.
The company later replaced those identifiers with an alphanumeric identifier, which Apple calls the Identifier for Advertisers, that users could re-set. Doing so effectively wiped out records of their prior app use, comparable to deleting cookies, but did not prevent future tracking.
Last year, Apple implemented new settings that prohibit developers from accessing that identifier without opt-in consent.
The lawmakers' letter, written in anticipation of the Supreme Court's decision overturning Roe v. Wade, warned that data brokers “are already selling, licensing, and sharing the location information of people that visit abortion providers to anyone with a credit card.”
They added that people seeking abortions “will become particularly vulnerable to privacy harms, including through the collection and sharing of their location data."
“Prosecutors in states where abortion becomes illegal will soon be able to obtain warrants for location information about anyone who has visited an abortion provider,” the lawmakers wrote. “Private actors will also be incentivized by state bounty laws to hunt down women who have obtained or are seeking an abortion by accessing location information through shady data brokers.”
A Google spokesperson said Friday that the company doesn't "sell" user data, and prohibits developers from selling that data. (Not everyone defines sell the same way; in California, for instance, the disclosing or transferring data is considered a sale.)
"The advertising ID was created to give users more control and provide developers with a more private way to effectively monetize their app," the spokesperson added. "Additionally, Google Play has policies in place that prohibit using this data for purposes other than advertising and user analytics."