Vlingo co-founder explains data-collection issues
With Carrier IQ and O2's most recent data-snooping, people's vigilance about what information cellphones transmit is increasing. Using a Galaxy Note, AndroidPit found that every four minutes, Vlingo's voice-recognition app was sending a packet of data to an unencrypted server. The packet contained your GPS co-ordinates, IMEI (unique device identifier), contact list and the title of every song stored on your device -- without proper warning in the privacy policy you agree to when starting up the app. We spoke with co-founder John Wynn, product marketing head TJ Leonard and communications manager Erin Keleher, who gave us a full and frank discussion about what's going on and the steps it's taking to remedy the situation, which we've got for you after the break.
The trio conceded that the privacy policy and user agreement included in the app were simply out of date and didn't match the behavior of the software it offers. The company is preparing a revised version, the biggest hurdle being that it has to be accurately translated into six languages. The use of your IMEI number as the key to your stored information wasn't seen as an issue because it's anonymous, but it will investigate a less-reliable cookie-based system. The names of your contacts and song titles are stored to help the app accurately match your voice requests, although we'd hope it would be able to distinguish "Lady Gaga" and "Larry Garber" without it. Still, no cellphone numbers are sent or recorded by the app -- with GPS co-ordinates used to provide location-relevant results.
So why the alarmingly regular data updates? The four minute upload time is unintentional, it should only update when the app is used, and only then to refresh any changes. The company has been unable to replicate the issue in the lab, suggesting that it's isolated to a narrow group of units. Unencrypted transmissions will shortly be a thing of the past, as the company migrates its storage to HTTPS. It has full (and sole) control of your data, promising that it would never sell or share it, but it is kept indefinitely to aid in future product testing. Users can, if they wish, email the site to ask for their information to be wiped at any time. Vlingo's promised to switch to a model where if someone hasn't used the app within six months, the data will be wiped, but there's no timeframe on that.
In order for Samsung users to enjoy the benefits of the secure update, the company has to complete a revised, fully tested version of the app before passing it along. There it will be tested again by the Korean giant's in-house team before being rolled out to users. This will take a significant period of time. Vlingo's attempting to resolve as many of these issues as it can before entering into a "full conversation" with its partner. It's also planning to foreground a revised privacy policy and public statement as it aims to maintain a level of trust with its user base, we'll include the latter here as soon as we get it.
Show full PR text
We take any claims about our customers' privacy and security very, very seriously. We certainly appreciate that we have individuals who are passionate enough about Vlingo's products and about their own privacy rights to conduct this sort of in depth investigation. No question it has raised some real issues, and we have already begun to address the bugs internally.
First, to be clear, Vlingo does make use of information about each device in order to improve the quality of our service. Some examples of this include:
· We use the current location of the device to improve search results, for example, to display nearby restaurants when the user does a restaurant search.
· We use the device make & model to improve recognition accuracy since microphone characteristics can vary from one type of device to the next.
· We use names from the address book on the device to improve speech recognition accuracy (and to spell those names correctly) when users speak those names while performing tasks like voice dialing or SMS dictation.
· We use song titles and artist names from music on the device to improve speech recognition accuracy when users speak those names while requesting that specific music be played.
· We use the carrier information to work around some issues we've found on some carrier-specific wap gateways
While we transmit and store this information, Vlingo itself does not store any user-identifiable information-meaning we have no way to associate a list of songs or contact names to the user they came from.
Even though we intend to be very transparent about what information we are using in our Privacy Policy, we have discovered that our Privacy Policy is somewhat out of date. For example, we are not mentioning the fact that we are sending song titles and artist names from the device. We will be updating the Privacy Policy to reflect this.
The above information is currently being sent via the HTTP protocol. We are in the process of migrating our communication protocols from HTTP to more secure HTTPS. Already, some of our client applications are using HTTPS, and new versions of our applications will be using HTTPS in the future.
In many cases, we are using the device IMEI as the unique identifier to distinguish communication from different devices to our system, which matches the convention used by many other mobile applications to identify unique devices. The IMEI cannot be used to track the actual identification of the user, but we understand that in some rare cases, the IMEI can be abused. We're investigating switching to other mechanisms like cookies in the future.
We have found several bugs that are causing us to send more data than we intend:
· If you start the application for the first time using the widget (and only using the widget) and then cancel out of the initial disclaimer, we are currently sending some device-specific data to the server erroneously.
· Our application is currently including the device location information with device information like contact names and song titles. Our intention is to only send location with a speech recognition request, and the location should be omitted from background device-information transmissions.
These issues are errors and are by no means intentional. We plan to fix them as soon as possible and will release updates to the user community as well as through our OEM partners. In addition, we will be improving our processes to ensure that our application behavior with respect to privacy matches our intention.
For users who are happy with the Vlingo application and want to continue using it, we thank you and recommend that you continue using the service. For users who want to stop using Vlingo and are concerned that our servers can still contain data from your device, you can contact support@vlingo.com with your IMEI, and we will remove sensitive information such as contact names from our servers.
Again, we are grateful to the individuals that uncovered these security issues. We are all very proud of the service that Vlingo provides to millions of happy active users, we apologize for these mistakes, and we are doing all we can to ensure that our users can continue accessing our application in full knowledge that their personal information is secure.