Home / Tag Archives: congressional

Tag Archives: congressional

Apple’s response to Congressional privacy inquiry is mercifully free of horrifying revelations

It’s not infrequent these days if you’re a big tech company to receive a brusquely worded letter from a group of Senators or Representatives asking you to explain yourself on some topic or another. One recent such letter sent to Apple and Alphabet asks specifically about practices meant to track users or their interactions with the phone without their knowledge or consent. Luckily Apple has much to be proud of on that front. “Apple’s philosophy and approach to customer data differs from many other companies on these important issue,” preened Timothy Powderly, Apple’s director of federal government affairs, in the company’s response to the House Energy and Commerce Committee’s questions. “We believe privacy is a fundamental human right and purposely design our products and services to minimize our collection of customer data,” he goes on. “The customer is not our product, and our business model does not depend on collecting vast amounts of personally identifiable information to enrich targeted profiles marketed to advertisers.” To whom could Powderly be referring? The Committee’s questions were perhaps spurred by reports of unwanted collection of audio data from the likes of Amazon Echos and other devices that listen eagerly for the magic words that set them to work. So the actual queries were along the lines of: when a phone has no SIM card, what kind of location data is collected; whom does that data go to and for what purpose; does the device listen when it has not been “invoked”; and so on. Apple’s responses, which you can read here (thanks CNET ), are blessedly free of the kind of half-answers that usually indicate some kind of shenanigans. The answers to most questions are that users who have Location Services enabled on the phone will collect data depending on what wireless options are selected, and that data is sent to Apple in anonymous and encrypted form… and “this anonymous data is not used to target advertising to the user.” iPhones only listen in with a short buffer for the “Hey Siri” wake-up call, and queries to the virtual assistant are not shared with third parties. “Unlike other similar services, which associate and store historical voice utterances in identifiable form,” the answer goes on, throwing shade all the while, “Siri utterances, which include the audio trigger and the remainder of the Siri command, are tied to a random device identifier, not a user’s Apple ID.” This identifier can be reset at any time (turn Siri and Dictation off and on again) and any data associated with it will disappear as well.

Read More »

Twitter makes its Ad Transparency Center, announced before Congressional hearings in October, available to all users (Anthony Ha/TechCrunch)

Anthony Ha / TechCrunch : Twitter makes its Ad Transparency Center, announced before Congressional hearings in October, available to all users   —  Twitter is unveiling the Ads Transparency Center that it announced back in October.  —  This comes as Twitter and other online platforms have faced growing political scrutiny around …

Read More »

After Senate victory, House announces plans to force its own vote on net neutrality

Hot on the heels of a surprising 52-47 Senate disapproval of the FCC’s new, weaker net neutrality rules, the House of Representatives will soon attempt to force a similar vote under the Congressional Review Act. Representative Mike Doyle (D-PA) announced in a statement and at a press conference following the Senate vote that he will begin the process first thing tomorrow morning. “I have introduced a companion CRA in the house,” Rep. Doyle said, “but I’m also going to begin a discharge petition which we will have open for signature tomorrow morning. And I urge every member who’s uproots a free and open internet to join me and sign this petition so we can bring this legislation to the floor.” The CRA requires Senate and House to submit the resolution itself, in the former’s case Joint Resolution 52 , after which a certain number of people to sign off on what’s called a discharge petition, actually forces a vote. Senate votes to reverse FCC order and restore net neutrality In the Senate this number is only 30, which makes it a useful tool for the minority party, which can easily gather that many votes if it’s an important issue (a full majority is still required to pass the resolution). But in the House a majority is required, 218 at present. That’s a more difficult ask, since Democrats only hold 193 seats there. They’d need two dozen Republicans to switch sides, and while it’s clear from the defection of three Senators from the party line that such bipartisan support is possible, it’s far from a done deal. Today’s success may help move the needle, though. Should the required votes be gathered, which could happen tomorrow, or take much longer, the vote will then be scheduled, though a Congressional aide I talked to was unsure how quickly it would follow. It only took a week in the Senate to go from petition to floor vote, but that period could be longer in the House depending on how the schedule works out.

Read More »

Update: Facebook rolls out $40K user data abuse bounty ahead of Zuckerberg’s Congressional testimony

Update: This article has been updated to include comment from Facebook that bounties will not be awarded retroactively.  Ahead of Mark Zuckerberg’s Senate testimony today, Facebook has rolled out a number of product updates — including a bounty hunting program of up to $40,000 for user data violations — meant to address (and blunt) the criticism he’s likely to face. The bounties start at $500, according to a report by CNBC , and will be awarded if certain conditions are met. First announced amid a slew of updates Zuckerberg offered up in March as the scandal around abuse of user data by the political consulting firm Cambridge Analytica was first coming to light, the new bounty program is modeled off of Facebook’s attempts to combat hackers with a $1 million bug bounty. It’s the second product announcement today, following news that Facebook would stop apps from accessing user data if they haven’t been launched within 90 days. Facebook begins blocking apps from accessing user data after 90 days of non-use To be eligible for the bounty, the offending app must impact more than 10,000 Facebook users and show a clear pattern of abuse and not “collection” (in this case, I’m assuming abuse would qualify as transferring the data to a third party without permission). Facebook also stipulated that it should be a case that the company isn’t already actively investigating. Examples of “out of scope” scenarios include: scraping, malware, social engineering applications, and cases involving other Facebook companies (like Instagram). Facebook goes on to assure that if whistleblowers comply with the company’s policy, then the company won’t sue them (which is very big of Facebook). It also tries to ensure that all of the issues are kept quiet and far away from the meddling of the media which could blow the whole thing up and force company executives to testify in front of Congressional hearings. Here are some other details from the program: You give us time to investigate and act on an issue that you report before making any information about the report public or sharing such information with others. You make a good faith effort to avoid privacy violations and disruptions to others, including (but not limited to) unauthorized access to or destruction of data, and interruption or degradation of our or another’s services. You provide us with the Facebook data we request after we request it. You do not violate any other applicable laws or regulations, including (but not limited to) laws and regulations prohibiting the unauthorized access to data. Again, do  not  submit any data to us that you obtained unlawfully.

Read More »