OVERNIGHT TECH: Privacy advocates eye new Apple features

THE LEDE: At its annual developers conference on Monday, Apple announced new features and expanded uses of current features that could raise some concerns among privacy advocates and privacy-minded lawmakers.

The company announced that it would be expanding the uses for its Touch ID, the iPhone’s fingerprint verification feature. While that feature can currently be used to unlock a phone, it will soon be available to log in to applications.

ADVERTISEMENT
“People love using Touch ID, and now, third party apps can take advantage of Touch ID as well,” Craig Federighi, Apple’s senior vice president of software engineering, said during Monday’s presentation. While less than half of iPhone users had passcodes before the company rolled out Touch ID, 83 percent enabled passcode or fingerprint unlocking once the feature was introduced, he said.

Federighi touted the feature’s privacy and security protections. “It always keeps the fingerprint data itself completely protected inside of the secure enclave in the A7 processor,” he said. “The information is never exposed to third party apps or the rest of the system, for that matter. It’ very secure.”

Despite those assurances, the expanded use of the fingerprint ID feature could raise eyebrows among privacy advocates. Sen. Al Franken (D-Minn.) — who wrote to Apple about the privacy implications of Touch ID when it was announced last year — said he is “looking forward to finding out more about” Apple’s Monday announcement. “Using fingerprints as passwords can be a double-edged sword: it adds convenience, but it often creates potential long-term security concerns,” Franken said in a statement.

Also, a new health, fitness data center: Apple also announced a new feature that would incorporate health data from other applications to create what Federighi called “a composite profile of your activity and health” with built-in privacy protections. “We carefully protect your privacy, so you have total control over which applications have access to which part of your healthcare information,” he said.

Pam Dixon, executive director of the World Privacy Forum, warned that Apple should be careful with this “quasi-health data,” which can be used, often without the user’s knowledge, to affect healthcare costs. “The really innocent, simple fitness information is actually really important” in determining healthcare costs, she said. 

While Apple isn’t subject to the Health Information Portability and Accountability Act — which governs how traditional healthcare providers use and share data — the company “is going to have to be really careful” to give users “full confidence that the [health and fitness] information isn’t going anywhere,” Dixon continued.

SCOTUS rulings slap top patent court: The Supreme Court on Monday issued two rulings reining in the rights of patent holders that have been established by the U.S. Court of Appeals for the Federal Circuit, the country’s top patent court. In a case between tech companies Akamai and Limelight, the court said a company does not infringe on a method patent if it replicates only some of the steps described in the patent. In another case between companies producing heart rate monitors, the Supreme Court raised the specificity standards for infringement claims.

The rulings come after the Senate Judiciary Committee walked away from its attempts to craft a patent litigation reform bill, but patent reform advocates say the Supreme Court’s Monday actions are a step in the right direction to curb abuse of the patent system. The ruling in the Limelight case “shuts down another potential avenue of going after customers, which is a good thing,” Julie Samuels, executive director of tech advocacy group Engine, said. “It also is promising to see the continued pushback on the Federal Circuit, whose broad — and unjustified — reading of the law has led to the troll problem.”

FCC releases spectrum auction rules: The Federal Communications Commission on Monday published a 484-page order outlining its rules for the 2015 spectrum auction, which will involve buying airwaves back from television broadcasters and reselling them to wireless companies looking to boost their cellphone networks. At its monthly meeting in May, the Commission voted 3-2 to approve the agency’s plans for the auction, including limiting some companies — especially industry giants AT&T and Verizon — from participating in parts of the auction.

The National Association of Broadcasters said it is “currently wading through the rather lengthy order.” In a statement, the group’s Executive Vice President of Communications, Dennis Wharton reiterated that its “twin aims are to help ensure the best chance for auction success while holding harmless those local TV stations committed to staying in business who wish to continue serving their tens of millions of viewers."

FCC’s O’Rielly calls for internal tech advances: FCC Republican Commissioner Michael O’Rielly took to the agency’s blog on Monday to criticize the FCC for calling on the private sector to make specifical technical improvements without making the same improvements itself. “The FCC loses credibility when it seeks to impose rules or standards on the private sector but does not adhere to the same or similar commitments in its own operations,” O’Rielly wrote.

He pointed to the agency’s recent work to improve the 911 system, despite the fact that within the FCC, callers have to dial 9 before dialing outside numbers, including 911. O’Rielly encouraged the agency to go through with the “simple” update to the phone systems to allow direct dialing to 911 and then help other agencies complete a similar update. “This potential life-saving fix is especially important because in addition to hosting employees and visitors, many of our Federal buildings have day care centers with infants and young children on site,” he wrote.

O’Rielly also criticized the agency’s efforts to keep up with the IPV6 transition, which involves updating websites to make them compatible with Internet Protocol addresses assigned under the new, bigger IPV6 address system. Despite the FCC’s calls on the private sector to “quickly move” to the new system, 12 percent of the agency’s subdomains are IPV6 compatible, O’Rielly wrote. “For an agency that just proposed rules and questions that aim to micromanage the way the Internet works, this seems ironic,” he said, referencing FCC Chairman Tom Wheeler’s controversial attempts to rewrite the agency’s net neutrality rules.

 

ON TAP

Mike Rogers, the new director of the National Security Agency, will speak at a Bloomberg Government event on cybersecurity, which begins at 9 a.m.

The Senate Appropriations Subcommittee on Commerce, Justice, Science and Related Agencies will markup the 2015 funding bill for those agencies at 10:30 a.m.

At 1 p.m., the National Telecommunications and Information Administration will hold the next in its series of meetings to craft a set of privacy-enhancing best practices for facial recognition technologies and the companies that use them. According to the agenda, the meeting — which will be livestreamed on the Commerce agency’s site — will include discussions of possible definitions to be used and risks to be addressed through the code of conduct.

 

IN CASE YOU MISSED IT

The Federal Aviation Administration may allow a handful of filmmakers to fly non-military drones.

The Department of Justice is cracking down on hackers in Russia and Ukraine who, officials say, are making millions of dollars by stealing bank information and holding computer files for ransom.

Sen. Orrin Hatch (R-Utah) is pressuring President Obama to end the 16-month vacancy at the top of the U.S. Patent and Trademark Office.

The National Security Agency (NSA) sifts through online communications to find millions of images for its facial recognition surveillance programs, according to a report from The New York Times.

 

Please send tips and comments to Kate Tummarello, katet@thehill.com, and Julian Hattem, jhattem@thehill.com

Follow Hillicon Valley on Twitter: @HilliconValley, @ktummarello, @jmhattem