Apple and Google return to Capitol Hill to defend themselves against accusations from politicians who say companies aren't doing enough to protect their customers' location privacy.
Declan McCullaghFormer Senior Writer
Declan McCullagh is the chief political correspondent for CNET. You can e-mail him or follow him on Twitter as declanm. Declan previously was a reporter for Time and the Washington bureau chief for Wired and wrote the Taking Liberties section and Other People's Money column for CBS News' Web site.
Apple and Google returned to Capitol Hill this morning to defend themselves against accusations from U.S. politicians who claim that the companies aren't doing enough to protect their customers' location privacy.
"I think anyone who uses a mobile device has an expectation of privacy, and sadly that expectation is not always being met," said Sen. John Rockefeller IV (D-W.V.), chairman of the U.S. Senate Committee on Commerce, Science, and Transportation. A mother posting a smartphone photograph of her child online, he suggested, may not realize that "geotagged" location data may be embedded in the image file.
The hearing, like last week's, grew out of revelations that iPhones and Android phones were recording information about owners' locations, and, in some cases, transmitting that data to Apple and Google without sufficiently clear consent.
Sen. John Kerry (D-Mass.) said that "we need companies like Google and Apple and Facebook" to join Microsoft, which has "already come down on the side of common sense" in this area.
It wasn't clear what Kerry meant. Microsoft also collects records of the physical locations of customers who use its mobile operating system, but the company did not testify at today's hearing and has not responded to a list of questions about its data collection practices that CNET posed on April 25.
While no specific location privacy bill has appeared as a result of last month's privacy flap, there have been calls for a Federal Trade Commission investigation, and unrelated "do not track" legislation has recently been introduced. Sen. Ron Wyden, an Oregon Democrat, has drafted legislation that would curb warrantless access to location histories by police (see CNET's Q&A with Wyden), and another bill announced this week also touches on the topic.
"Apple does not track users' locations -- Apple has never done so and has no plans to ever do so," said Catherine Novelli, Apple's vice president for government affairs. A free iOS software update released on May 4 changed the way iPhones store location information and included some bug fixes, including one that caused crowd-sourced location information to be stored on and downloaded to the device even after Location Services had been turned off.
Google's Alan Davidson said that "location sharing on Android devices is strictly opt-in for our users, with clear notice and control."
"Google does not and cannot control the behavior of third-party applications, or how they handle location information and other user information that the third-party application obtains from the device," he said. "Google does strongly encourage application developers to use best practices," which the company has publicly outlined. Those include: giving users choice, creating privacy policies, and not logging information.
While the discussion was billed as being about mobile privacy, it soon veered in other directions, with senators waving around their iPhones and asking about "do not track" lists and ads in e-mail, an apparent reference to e-mail spam. And Sen. Mark Pryor (D-Ark.) wondered whether it geotracking was ever "legitimate" -- even though without an app's ability to transmit its location, location-based services wouldn't function.
Today's situation is that "apps that are totally unregulated. and the question is what do we do about that," Rockefeller said. "They have to be regulated."