When congress calls, Apple answers. According to CNet, Apple general counsel and senior vice president of legal and government affairs, Bruce Sewell, has sent two congressmen a 13-page letter detailing the whys and wherefores of Apple’s policies and procedures for collecting location-based data. The letter is in response to an inquiry sent last month by the co-chairmen of the House Bi-Partisan Privacy Caucus, Ed Markey (D-MA) and Joe Barton (R-TX), to Apple CEO Steve Jobs, inviting him to clarify recent changes to Apple’s privacy policy dealing with location information.
Before directly answering the congressmen’s questions, Sewell delves into an overview explanation of Apple’s privacy policy, its location-based services, and third-party applications. According to the document, while Apple does collect some location-based information in order to provide services, the company avoids storing most of that data and, in cases where it does, the data is not connected with any personal information. The policy covers various models of iPhone and iPad as well as Macs running Mac OS X Snow Leopard or Safari 5.
Among the more interesting tidbits revealed in Apple’s response is that as of iOS 3.2—the version of Apple’s mobile software that first shipped on the iPad—the company no longer relies on location databases provided by partners Google and Skyhook Wireless. Previously, Apple relayed location information to those companies in order to determine location by cell tower and Wi-Fi access point respectively. During that time, however, Apple has apparently used information from its mobile devices to build up its own database of location information for both cell towers and Wi-Fi access points; that database is accessible only by Apple itself. Devices running previous versions of the Apple’s mobile software continue to use the third-party databases.
The document also sheds some light on Apple’s new iAd network, launched earlier this month. In this case, Apple says that the latitude and longitude information collected from a mobile device is transformed immediately into a five-digit ZIP code; the latitude and longitude information is discarded, but the ZIP code is stored. Apple plans on storing that data for six months in order to improve iAd and prevent users from seeing duplicate ads; after that period is up, the information will be aggregated. As previously reported, users can easily opt out of the data collection if they so desire.
In all cases, Apple stresses that it requires the consent of the user before collecting any location-based information, and that it provides easy ways to disable the location services in each and every product that has the capability. It also requires that developers who distribute mobile software via the App Store adhere to a number of provisions governing the collection of data.
Apple concludes its document by answering nine questions posed by the congressmen, and saying that it “shares the [congressmen’s] concerns about the collection and misuse of location data.” Statements from representatives Markey and Barton both seemed content with Apple’s response.