The report of Palm snooping on its customers is growing in volume within the blogosphere with many taking the allegations seriously. To be clear the allegation can not be confirmed.
Palm responded to our request for comment with this statement:
“Palm takes privacy very seriously, and offers users ways to turn data collecting services on and off. Our privacy policy is like many policies in the industry and includes very detailed language about potential scenarios in which we might use a customer’s information, all toward a goal of offering a great user experience. For instance, when location based services are used, we collect their information to give them relevant local results in Google Maps. We appreciate the trust that users give us with their information, and have no intention to violate that trust.”
Hess says he took a close look at the code in his Pre’s WebOS and found that the phone was periodically sending information to Palm. Some of this data is fairly benign, such as information on WebOS crashes. Things get a little freakier, however, if you believe Hess when he asserts Palm is gathering users’ GPS information, along with data on every app used, and for how long you used it. This information gets uploaded to Palm on a daily basis, Hess claims.
Without the capability to hack into WebOS, there doesn’t seem to be a way to disable this alleged communication, Hess says. According to Palm’s terms and conditions for the WebOS there is nothing that mentions this exact type of data collection and reporting. However, a section of Palm’s terms does say it has the right to “collect, store, access, disclose, transmit, process, and otherwise use your Registration Data, account or Device information,” and may also do the same with your location data to provide location services.
The terms also note that Palm can disclose “any information” to law enforcement authorities, so keep that in mind if you’re on the run from the law. Compared to the iPhone, which allows users to block location tracking by switching off the phone’s “Location Services,” Palm seems to be prying from the moment you turn on the phone’s map service.
Lauren Weinstein, co-founder of People for Internet Responsibility, said he’s still collecting information and didn’t want to comment on Hess’ report until he could confirm it. But Weinstein says he’s generally wary of usage terms and conditions that allow data collection, especially if the user can’t opt out through the device. He said location data is particularly sensitive, because it can be requested or subpoenaed.
“Any time there’s automatic reporting that includes what users are doing, and there hasn’t been some kind of affirmative acknowledgment … that opens up some questions,” he said.