letter to mr. dick costolo of twitter
TRANSCRIPT
-
8/2/2019 Letter to Mr. Dick Costolo of Twitter
1/3
FRED UPTON, MICH IGANCHA IRMAN
Mr. Di ck Costolo
ONE HUNDRED 1WELFTH CONGRESS
HENRY A. WAXMAN , CALIFORNRANKING MEMBER
ctCongress of tbe mlniteb $tates~ o w ) e of l\epresentatibes
COMMITTEE ON ENERGY AND COMMERCE2125 R AYBURN H OUSE O FF ICE B UILDINGW ASHINGTON, DC 20515- 6115
Majority (202 ) 225- 2927Minori ty (202) 225- 3641
March 22, 20 12
Chief Executive Officer, Twitter, Inc.795 Folsom Street, Suite 600San Francisco, CA 94107Dear Mr. Costolo:
Last month, a developer of applications ("apps") for Apple' s mobile devices discoveredth at the social networking app Path was accessing and collecting the content s of hi s iPhoneaddress bo ok without having asked for hi s consent. I Following the reports about Path,developers and members of the press ran th eir own small-scale tests of the code for other popularapps for App le's mobile devices to determine whi ch were accessing address book informa tion2Around this time, three other apps released new versions to include a prompt ask ing for users'consent before accessing the address book] In addition, concerns were sub sequently raisedabout the manner in which apps can access photographs on Apple's mobile devices.4
I Arun Thampi, Palh Up loads Your En lire iPhone Address Book 10 lIS Servers, mclov.in (Feb. 8,20 12) (ava ilable at www. mclov. in/20 12 /02/08/path-upl oads-yo ur-entire-address-book-to-the irservers. html).2 See, e.g. , Dieter Bolm, iOS Apps and Ihe Address Book: Who Ha s Your Dala, and HowThey 're Gelling II , The Verge (Feb. 14 ,2012) (available atwww.theverge.coml2012/2114/2798008/ios-apps-and-the-address-book -what-you-need-toknow); Matthew Panzarino, Wha l iOS Apps Are Grabbing Your Data, Why They Do II and WhalShould Be Done, The Next Web (Feb. 15 , 2012) (available atwww. th enextweb.com/ insider/20 I2/02 /15/what-ios-apps-are-grabbing-your-data-why-they-do-i tand-what-should-be-donel); Jennifer Van Grove, Your Address Book is M in e: Many iPhoneApps Take Your Dala, VentureBeat (Feb. 14,2012) (ava ilable atwww.ve nturebeat.comI2012/02114/ iphone-address-bookl).J Id.4 Nick Bilton, Apple Loophole Gives Developers Access 10 PhD los, The New York Times (Feb.28,2012) (available at www.bits. blogs.nytimes.comI20 12/02/28/tk-ios-gives-developers-accessto-photos-videos- Iocation/).
-
8/2/2019 Letter to Mr. Dick Costolo of Twitter
2/3
Mr. Dick CostoloMarch 22, 20 12Page 2
'y,/e are writing to you because we want to better understand the in formation co llectionand use poli cies and practices of apps fo r Apple ' s mobile dev ices with a soc ial e lement. Wereques t that you respond to the follow ing questions regarding the Twitter app:
( I) Through the end of February 20 12, how many times was yo ur iOS app do wnloadedfro m Appl e' s App Store?
(2) Did you have a privacy policy in place for your iOS app at the end of Feb ruary20 12? If so, please te ll us when your iOS app was first made ava ilable in Apple ' sApp Store and when you first had a privacy policy in place. In addit ion, pleasedesc ribe how that po licy is made avai lable to your app users and pl ease provide acopy of the mo st recent po licy.
(3) Has your iOS app at any time transmitted in fo rmat ion from or abo ut a user' saddress book? If so, whi ch fie ld s? Also, pl ease desc ribe a ll measures taken toprotect or sec ure that information during transmission and the periods of timeduring whi ch those measures were in effect.
(4) Have you at any time stored information from or about a user' s address book? Ifso, which fi eld ? Also, please desc ribe a ll measures taken to protec t or sec ure th atin formation du ring storage and the periods of time during whi ch those meas ureswere in effect.
(5) A t any time, has your iOS app transmitted or have you stored any other informationfrom or about a user' s de vice - including, but not limited to, the user's phonenumber, email account information, ca lendar, photo ga llery, WiFi co nn ec tion log,the Unique Device Iden ti fier (UDID ), a Media Access Control (MAC) address , orany other ident ifi er unique to a specific device?
(6) To the extent you store any address book in formatio n or any o f the in formation inquest ion 5, please describe a ll purposes for whi ch you store or use that in forma tion,the length of time for which you keep it, and yo ur po licie s regarding sharing of thatinformation.
(7) To the extent you transmit or store any address book in formation or any of thein fo rmation in quest ion 5, please describe a ll notices de li vered to users o n themobile dev ice screen about your co llec tion and use practices both prior to and afterFebruary 8, 20 12.
(8) The iOS Developer Program License Ag reement detai ling the ob ligat ions andresponsibilities of app deve lopers reportedl y s tates that a developer and itsapp lications "may not co llect user or device data without prior user consent , and
-
8/2/2019 Letter to Mr. Dick Costolo of Twitter
3/3
Mr. Dick CostoloMarch 22, 2012Page 3
then only to provide a service or function that is directl y releva nt to th e use of theApplication, or to serve advertising.,,5(a) Please describe all data avai lable from App le mobile devices that you
understand to be user data requiring prior consent from the user to beco llected.
(b) Please describe all data avai lab le from Apple mobile devices that youunderstand to be device data requiring prior consent from th e user to becollected.
(c) Please describe all services or nll1ctions for which user or dev ice data isdirectly relevant to the use of your application.
(9) Please list all industry se lf-regulatory organizations to which you belong.Please provide the information requested in writing no later than Apri l 12 , 201 2. If you
have any questions regarding this request, contact Felipe Mendoza with th e Energy andCommerce Committee staff at 202-226-3400.
Sincerely,
b anking Member,-"""",uconunittee on ommerce,
Manufacturing, and Trade
5 101m Paczkowski , Apple: App Access to Contact Data Will Require Explicit User Permission,A ll Things D (Feb. 15, 20 12) (avai lable al www.allthingsd.com/20 1202 15/apple-app-access-tocon acl-da ta-wi11-req u ire-expi ici -user-permissionl).