Almost a week after the New York Times demonstrated that an iOS app could upload a customer’s photo library to a remote server without their knowledge or express permission, the newspaper’s home-state senator is stating the obvious: Apple should fix that. And while it’s at it, start making apps ask for permission when uploading a user’s entire address book. For extra incentive to fix it quickly, Sen. Charles Schumer of New York is publicly calling for the Federal Trade Commission to investigate the issue, as Reuters reported Sunday night.
It’s not just Apple’s mobile software that has been caught with this loophole, but Google’s Android apps too — the Times followed up last week on its iOS story with another demonstration showing that Android apps could also access the user’s photos unbeknownst to them. Schumer wants the FTC to set its sights on Google in this case too.
Saying what most logical people are thinking, Schumer writes: “These uses go well beyond what a reasonable user understands himself to be consenting to when he allows an app to access data on the phone for purposes of the app’s functionality.”
Smartphone makers should be required to put in place safety measures to ensure third party applications are not able to violate a user’s personal privacy by stealing photographs or data that the user did not consciously decide to make public … When someone takes a private photo, on a private cell phone, it should remain just that: private.
It’s good to know our elected officials are paying attention. Though this call for investigation could fall into the category of “too little, too late” since Apple is rumored to be working on a fix.
Apple did not respond to a request for comment, and it has not said anything publicly despite the brouhaha that’s broken out over the photo libraries — though it would be just like Apple to not say a word, and just issue a fix.
Google also appears to know this is a problem and has made noises that it’s time to think about an update.
Photo from Sen. Schumer’s official Flickr feed.