House Oversight Lawmaker Wants Apple, Google to Step Up Security on Apps With Foreign Ties

Lawmakers on the House Oversight and Reform Committee continue applying pressure to Google and Apple, seeking—at a minimum—commitments from the tech giants to be more transparent with users about the applications in their app stores.

In separate letters to Google and Apple Tuesday, Rep. Stephen Lynch, chairman of the subcommittee on national security, sought assurances that the companies would warn users about applications that are developed, operated or owned by foreign entities and could pose privacy risks to Americans.

The letters followed recent testimony from intelligence and FBI officials outlining national security risks posed by foreign-owned apps, including the ability to create “backdoors” into user devices and sharing user information with the government in which it resides.

“As industry leaders, Apple and Google can and must do more to ensure that smartphone applications made available to U.S. citizens on their platforms protect stored data from unlawful foreign exploitation, and do not compromise U.S. national security,” Lynch said in the letters.  “At a minimum, Apple and Google should take steps to ensure that users are aware of the potential privacy and national security risks of sharing sensitive information with applications that store data in countries adversarial to the United States, or whose developers are subsidiaries of foreign companies.”

Were Apple and Google to comply, users would be warned about the potential dangers before downloading certain applications like TikTok, a popular social media app owned by Beijing-based startup ByteDance. Last month, Secretary of State Mike Pompeo floated the possibility of the U.S. government banning TikTok over its connections with China. Currently, neither Google nor Apple requires developers to provide users with information regarding where their data is stored—or which country has jurisdiction over that data. The companies also do not decide what user data can be accessed by a third-party application.

In the letters, Lynch requests answers from the companies regarding whether they’ll up their transparency game with users, whether they’ve removed foreign-connected applications from their app stores and why, and whether they have recommendations for improving user protection from foreign-connected applications.