A team of 10 state Attorney Generals lately sent a letter to Apple CEO, Tim Cook, telling the company to use tougher privacy and security settings for programs accessible via the Apple App Store that monitor, gather, store, or transfer reproductive health information. Attorney General of New Jersey, Matthew Platkin, wrote the letter. The attorneys general of Connecticut, California, Illinois, North Carolina, Massachusetts, Oregon, Vermont, Washington, D.C., and Washington signed the letter.
The Supreme Court in Dobbs v. Jackson Women’s Health Organization made a decision to take away the Federal right to an abortion and empowered individual states to create their law on abortions. A number of states have already presented bans or prohibitions on abortions. The state AGs are worried that the health data accumulated using health applications may be weaponized against individuals by law enforcement, individuals, or private organizations.
The AGs state the privacy and security breaks related to health applications available from the App Store endanger the privacy and security of App Store clients, and that operates directly counter to Apple’s expressed commitment to safeguarding user information. Apple claims that good privacy controls are integrated into the Apple Health application, for example, 2-factor authentication, and health data encryption right up until an Apple iPhone is unlocked by utilizing a passcode, Face ID, or Touch ID. Health information is likewise encrypted at rest and in transit while it is synced to iCloud, and the most recent version of iOS and watchOS have standard 2FA and passcode-limited access, meaning Apple cannot see users’ health information. Apple additionally claims that there are currently fine-grained settings for third-party health applications that make use of the HealthKit framework, which allow people to define what data may be read by the applications, and end users of third-party applications need to either give or reject permission for every app to read and write information to the HealthKit shop.
The state AGs state Apple hasn’t done enough to safeguard end-user privacy and has advised Apple to keep going. They have required Apple to
- teach third-party application creators to remove non-essential end-user information, for example, location background, search history, and other related data of clients who may be acquiring access to reproductive medical care.
- show clear and visible notices informing iPhone end users that there is a chance of
- disclosing reproductive healthcare information to third parties, o requiring all third-party
- application creators to just share reproductive healthcare information when they are given a valid subpoena, court order, or search warrant.
Third-party applications that gather, use, keep, or transfer reproductive health information, or that synch with end-user health information on Apple devices, must be instructed to match or surpass the privacy and security criteria of Apple. In case any health application doesn’t satisfy these requirements, Apple ought to get rid of the applications from the App Store, and must carry out regular audits of applications to make sure of standard compliance.
[The] use of an application or service must not come at the expense of customers losing power over their health information. So, Apple ought to follow these steps to guard the reproductive health privacy of consumers. These actions will make sure that Apple remains faithful to its dedication “to give a secure experience for end users.