Privacy questions over HealthKit, Watch earn Apple a grilling from Connecticut's attorney general

Apple has said it will protect personal information collected through Health apps and the Apple Watch, but regulators in the US want to know how it will monitor and enforce privacy policies.

The attorney general for Connecticut has called on Apple to reveal how it intends to protect health data collected from its forthcoming Apple Watch with health-tracking capabilities.

Connecticut AG George Jepsen has asked Apple CEO Tim Cook for a meeting with Apple reps to answer questions about how it plans to store and protect personal information collected from the device once it goes on sale next year.

While encouraged by Apple's claims that health information will be encrypted on the device and that users can decide which apps can access their health data, Jepsen wants to know what Apple will do to keep those apps in line. Similarly, Apple has also introduced WatchKit for third-party app developers.

All Apple coverage

Apple's iPhone 6, Watch revealed: roundup

Apple's iPhone 6, Watch revealed: roundup

Apple announced on Tuesday, after months of speculation, the latest iPhone. Here's what you need to know, as well as a roundup of ZDNet and CNET's coverage.

Read More

Ahead of the the Watch unveiling , Apple also updated its App Store Review Guidelines with new rules for HealthKit, requiring all Health apps to have a privacy policy. Sensibly, Jepsen wants Apple to confirm whether it will actually review the contents of developers' privacy policies.

Another update to HealthKit's review guidelines meant that Health apps used for diagnoses or treatment advice will be rejected by Apple if they don't have written regulatory approval. Jepsen wants to know whether Apple will request that documentation for every application in this category and if not, answers to how it intends to enforce the provision.

Other questions Jepsen wants to settle are whether Apple Watch will store health information on the device itself and/or its servers, and in each instance how data will be protected. Apple has said that HealthKit any apps that  store user data in iCloud will be rejected .

Apple already made clear that it doesn't want developers to sell user information collected through Health apps for advertising, but will allow them to share data for medical research. However, Jepsen would like to know what information that the device and apps collect from users in the first place, and how developers will obtain consent from the user to collect and share it.

He also wants to know what features and apps will be on Apple Watch and when it will be available for consumers to purchase in Connecticut.

Jepsen said the letter to Cook was "an invitation for dialogue, not an accusation against Apple".

Jepsen fired off a similar letter to Google CEO Larry Page in June last year over Google Glass, with questions about restrictions on facial recognition functionality, image and video capture, and how it would handle consent for the collection of data. Jepsen's office notes in a press release that  following that meeting, "Google implemented a policy requiring review and approval of third-party applications developed for the device before they would be made available to users."

Read more on Watch

Related Topics:

Apple PCs Servers Storage Networking Data Centers

More from Liam Tung

Related Stories

    • 1 of 3