Become a MacRumors Supporter for $25/year with no ads, private forums, and more!

MacRumors

macrumors bot
Original poster
Apr 12, 2001
54,690
16,868


Apple device owners who participated in the Apple Hearing Study that Apple is conducting with the University of Michigan School of Public Health are today receiving emails letting them know about a bug that resulted in excess data collection.

apple-hearing-study-bug.jpg

Those who enrolled in the study consented to allow Apple and researchers to collect headphone sound level, environmental sound level, heart rate, and workout data types. The data is used to help researchers better understand the link between long-term sound exposure and the impact on hearing health.

According to the email participants are receiving, a bug in the study caused up to 30 days worth of historical data to be collected. Data collection did not fall outside of what was consented to when participants signed up, but the sign up form did not mention the collection of historical data.
Thank you for your participation in the Apple Hearing Study. When you enrolled in the study, you provided consent to collect certain headphone sound level, environmental sound level, heart rate, and workout data types during the enrollment process. This data is collected to help researchers, listed in the consent form, understand the link between long-term sound exposure and its impact on hearing health. We recently learned that due to a bug, after study enrollment, the Apple Hearing Study unintentionally collected up to 30 days of historical data for these authorized data types. The study only collected data after your consent was obtained. However, the study consent form does not state that historical data will be collected.

The bug has now been fixed with a study app update and historical data received to date have been deleted. We remain committed to your privacy and will continue to monitor for and delete any additional historical data if received until you update your Apple Research app. Please update your Apple Research app to the latest version here, to receive the fix.

At no time did Apple have access to information collected from the Apple Research app that could directly identify you. Please refer to the study informed consent form for additional details on the data that is being collected, how your data is stored, and who your data might be shared with for the purposes of the study.
Richard Neitzel, the principal investigator in the study, says that Apple did not have access to information collected from the Apple Research app that could be used for identification purposes.

The bug has been addressed with an update to the Apple Research app and historical data received to data has been deleted. To ensure no further historical data collection, participants are being asked to update their Apple Research apps.

Article Link: Apple Hearing Study Bug Results in Accidental Historical Data Collection From Participants
 
  • Like
Reactions: jgelin and jjm3

chipchen

macrumors 6502a
Oct 30, 2002
581
225
This sounds fine and dandy. Good response. EXCEPT the part about historical data... Now I'd like to know if they accidentally had access to historical data about headphone volume, etc... what other historical data do they collect on my device? If something as seemingly frivolous as headphone volume is kept, that means lots of other "historical data" may be collected. And if that's the case, other breaches in security (thinking Cambridge Analytica type issues here) may be harvesting that said data. Things like historical data of keystrokes would be a nightmare.
 

9927036

Cancelled
Nov 12, 2020
472
458
This sounds fine and dandy. Good response. EXCEPT the part about historical data... Now I'd like to know if they accidentally had access to historical data about headphone volume, etc... what other historical data do they collect on my device? If something as seemingly frivolous as headphone volume is kept, that means lots of other "historical data" may be collected. And if that's the case, other breaches in security (thinking Cambridge Analytica type issues here) may be harvesting that said data. Things like historical data of keystrokes would be a nightmare.
Exactly. The historical data did not come out of thin air. As always people give Apple a pass and say how concerned they are about our privacy. I hope someone is going to ask Apple how did they manage to collect historical data.
 

mannyvel

macrumors 65816
Mar 16, 2019
1,021
1,709
Hillsboro, OR
All that stuff is in the health app/healthkit, and is saved forever. You turned that on when you turned on ambient noise and sound level monitoring, and you can turn it off if you want.

Come on people. If you pretend that you care you should at least pretend to understand the basics of what you consented to.
 

370zulu

macrumors 6502
Nov 4, 2014
298
253
It is scary how much data about us on stored or collected by devices. Not just iPhones. When I see something like this, it makes me wonder how much of my life is really on my device.
 
  • Like
Reactions: Huck

ghostface147

macrumors 68040
May 28, 2008
3,632
3,828
My only issue is that each time I wipe my phone, for whatever reason, I have to start the program all over again and then the clock resets. Oh well.
 

G725

macrumors newbie
Oct 28, 2016
23
29
Why does it even log all this data by default? If it can upload historical data from before you did participate, it must also be logging a lot of other stuff forehanded.
 

azmscle

macrumors member
Oct 15, 2020
49
127
California, USA
This sounds fine and dandy. Good response. EXCEPT the part about historical data... Now I'd like to know if they accidentally had access to historical data about headphone volume, etc... what other historical data do they collect on my device? If something as seemingly frivolous as headphone volume is kept, that means lots of other "historical data" may be collected. And if that's the case, other breaches in security (thinking Cambridge Analytica type issues here) may be harvesting that said data. Things like historical data of keystrokes would be a nightmare.
It specifically states that the historical data was only collected on the authorized data types. But go on and keep fear mongering.
 

truthertech

macrumors 68020
Jun 24, 2016
2,109
2,263
I agree it's refreshing for a company to be upfront and quickly resolve an issue, but Apple needs to be better than this. Bugs like this shouldn't happen, certainly not on anything that resembles a medical study.
LOL: "Bugs like this shouldn't happen." Bugs are always going to happen for the foreseeable future, even major ones. This is an insignificant trivial issue that no one is going to care about.
 

a2rael

macrumors newbie
Dec 13, 2011
21
2
Centralia, PA
I really do wish you could delete the Health app. I know Europe seems to have a new law that states ANY app can be deleted from phones. Hopefully it passes.
The app continues to take in data even though I have it turned off. I use a different app for steps and running, and have Motion privacy turned OFF. However, every few days I check and my data, steps length and such are in the health app. I have to wipe it at least once a week. Why do they keep track when I set it to off?
Very shady of Apple. Can't they just do what they say they're going to do?
 
  • Disagree
Reactions: haganah and KeithBN

anthonyjr

macrumors regular
Sep 27, 2007
117
185
Cue class action lawsuit in 3...2...1
I really can’t see a class action lawsuit after a study accidentally got a few extra weeks worth of environmental decibel readings, headphone volume settings, and heart rate data... All of which was all technically consented to - just maybe not “specifically” for the week prior to signing.

I’m kind of thankful that this bug came forward alongside data / a study that honestly isn’t very lucrative sounding in terms of data harvest. These aren’t deep-diving health statistics or additional data types that weren’t meant to be collected.
 
  • Like
Reactions: KeithBN

montuori

macrumors member
Sep 14, 2004
40
79
New Orleans, LA
Accidental right ;)
Yep. IRBs do not take kindly to PIs who intentionally don't follow protocols and HIPAA violations can result in fines that are not just slaps on the wrist. I think the good money is on this incident being accidental (not "accidental" with scare quotes) and they're speaking the truth when they say the data are anonymous.

I can understand the skepticism but sometimes a mistake is just a mistake.
 
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.