Welcome to Scribd. Sign in or start your free trial to enjoy unlimited e-books, audiobooks & documents.Find out more
Download
Standard view
Full view
of .
Look up keyword
Like this
1Activity
0 of .
Results for:
No results containing your search query
P. 1
Letter Cook Response 03.02.12

Letter Cook Response 03.02.12

Ratings: (0)|Views: 5,818|Likes:
Published by Jennifer Van Grove

More info:

Published by: Jennifer Van Grove on Mar 14, 2012
Copyright:Attribution Non-commercial

Availability:

Read on Scribd mobile: iPhone, iPad and Android.
download as PDF, TXT or read online from Scribd
See more
See less

05/13/2014

pdf

text

original

 
March
2,
2012
VIA HAND AND
EMIAL
DELIVERY
The Honorable Henry
A.
WaxmanRanking Member, Committee onEnergy and CommerceUnited States House of RepresentativesWashington,
D.C.
20515The Honorable
G.K.
ButterfieldRanking Member, SubcommitteeonCommerce, Manufacturing,
andTrade
United States House
of
RepresentativesWashington,
D.C.
20515Dear Congressmen Waxman
and
Butterfield,I am writing in
response
to
your
letter
of February15,
2012
regarding
consumer
privacy disclosures fromapplicationdevelopers related toinformationcontained inan iPhoneaddressbook.
J.
Summary
of
Apple's
Policies
and
Procedures
A.
Apple's
Commitment
toProtecting
our
Customers'
Privacy
Thankyou forthe
opportunity
todiscuss
consumer
privacy issues. Apple
is
deeplycommitted toprotecting
the
privacy of
our
customers who use
our
devices, and we
are
proud of
our
record. We havea single,comprehensive privacy policy for all
of
our
productsthat can be reached from every page of
our
website. We have installed industry-leadingfeatures,including
the
"Find
My
iPhone" feature
that
can
be
usedto
erase
personal
data
onaniPhone if lost
or
stolen, as well asmaking the default privacysettingon
our
browser,Safari, the most restrictive in
the
industry. We do not
share
personally identifiableinformation with third parties for their marketing
purposes
absent
consent.
As
discussedmore fully below, we
require
that
third-party appdevelopers
that
makeapps availablefordownload in
our
App Storeabideby certain privacyguidelines. Apple hasan
unwavering
commitment to giving
our
customers
clear
andtransparent
notice, choice,
and
control
over
theirpersonalinformation. Forexample,
our
softwarehasabuilt in
requirement
forexplicit
userconsent
beforean applicationcanaccesslocation-based information. Whenan application
requests
the device locationforthe first time,adialog box
appears
stating: "[Application]would like to use
your
current
location." The
customer
is
asked: "Don'tAllow"
or
"Ok."
If
thecustomer
clicks
Apple
r.
!
I,
t
\I','.
1(1
'.J
I.j"
"
T',
°l.,
r
1(:2
4',:11
(!1n"!'lii
"111,1,.(,;f'11
 
"Don't Allow,"
no
location-based information will be provided to
the
application. Thisdialogue box
is
mandatory -
neither
Apple's applications
nor
those
of third parties
are
permitted to override it. Similarly, we have announced
that
we
will be enhancing explicituser consent to include contact data (Address Book) in a future software release.
B.
Inclusion in
the
App Store
Your inquiry concerns,
at
least
in
part,
the
behavior
of
third-party applicationdevelopers.
In
July 2008, Apple launched
the
App Store
where
customers
can shop for andacquire applications offered by third-party developers. The App Store provides third-partydevelopers a storefront from which they can
market
and sell their wares. Currently,
the
App Store has over 550,000 third-party applications covering a wide variety
of areas
including games, news, health, travel, education, business, sports, and socialnetworking.The vast majority of these applications do
not
collect
or transmit
any
user
data whatsoever.And
our
privacy policy makes clear to
our
users
that
once a
third-party
application
is
downloaded to the user's device,
the
user's exchange of information with
that
third-partyapp is between the user and
the
app, and
that
the information exchange
is
governed by
the
privacy policy of
the
app.Since July 2008, over 24 billion
apps
have been downloaded by customers usingApple devices. A recently completed economic analysis by TechN
et
shows
that
over450,000 jobs have been created
in
the
application development and deployment
sector
since
the
App Store was launched.
1
In
order
to offer an application for download in
the
App Store, a third-partydeveloper
must
be registered as an "Apple Developer" and agree to
the
iOS
DeveloperAgreement (the
"IDA")
and
the
Program License Agreement (the
"PLA").
Apple providesthird-party developers with review guidelines, and conducts a review
of
all applicationssubmitted for inclusion
in
the
App Store for compliance with
these
documents.The App Store Review Guidelines
set
forth the technical, design, and contentguidelines Apple will use when reviewing an app for inclusion in
the
App Store. Theseguidelines state
that
apps "cannot
transmit
data
about
a
user without
obtaining the user'sprior permission and providing the
user
with access to information
about
how and
where
the data will be used." This includes the transmission
of
personally identifiableinformation.
In
addition,
the requirements
ofthe
PLA
empower users
to control access touser
or
device data, and require
user
consent before user
or
device data can be collected.The relevant portions
of the
PLA
state
that:3.3.9.
You
and Your Applications may
not
collect
user or
device data
without
prioruser consent, and then only to provide a service
or
function
that
is directly relevantto
the
use of
the
Application,
or
to serve advertising.
You
may
not
use analyticssoftware
in
Your Application to collect and send device data to a third party.
1
Available online
at
httD:/fwww.technet.orglnew-technet-sponsored-studv-nearlv-500000- aop-economv-
jobs-
in-united-states-february-
7-
201
21
(accessed on February
21,2012).
 
3.3.10.
You
must
provideclear and completeinformation to users regardingYour collection,useanddisclosure
of user
or
device data.Furthermore,
You
must takeappropriatesteps to protect such data from unauthorized use, disclosure
or
accessby third parties. Ifa
user
ceases toconsent
or
affirmativelyrevokesconsentfor Your collection,use
or
disclosure
of
his
or
her
user
or
device data,
You
must
promptlyceaseallsuchuse. Other portionsofthe
PLA
address
accesstoanduse
of
location information,compliancewith laws
of
generalapplicability(including privacylaws),and the protectionof intellectual property. Apple receivesover 26,000 applications forrevieweachweek,and approx
im
ately 30%
are
rejected for failure tocomply withall
of
thedeveloper guidelines.
In
mostcases,the developeraddressestheoutstandingissueand resubmitsthe application.
C.
Compliance
Aftertheapp
is
approvedforinclusion
in
the AppStore, a teamof Apple employees
is
responsible foraddressing anyissuesthat arise. Apple conductsperiodic randomaudits of appsthat
are
in the App Store. Further, Apple routinely receives information
about
potentialviolationsfrom users,competitors,developers,and
other
sources. When Applebecomesaware of apotential violation,such as an appnot obtaining consent prior to accessinguser data
in
an
address
book, Apple investigates,contactstheapplication developer,andif necessary,workswiththedeveloper toremedythe violation.
If
anapplicationdeveloperrefusestocome
in
tocompliance,theapplicationwill be expeditiouslyremoved fromtheAppStore. Applehasrecently worked with Path and
other
third-partyapplicationdevelopersto ensure
thatour
users receive accurate notice
about
the developers'
request
foraccessto users'addressbooks.
II.
Responses
to the Written
Questions
1.
Please
describe
all
iOS
App Guidelines
that
concern
criteria related
tothe
privacy
and
security
of data
that
will
be
access
or
transmitted
by
an
app.
For Apple's responsetothis question, please see the"Apple'sCommitment to Protection
our
Customers' Privacy"and "Inclusion
in
theApp Store"sectionsabove.
2.
Please
describe how
you
determine
whether
an app
meets those
criteria.
For Apple's responsetothis question, pleasesee the "Inclusionin the App Store" section above.

You're Reading a Free Preview

Download
scribd
/*********** DO NOT ALTER ANYTHING BELOW THIS LINE ! ************/ var s_code=s.t();if(s_code)document.write(s_code)//-->