App makers fret over Apple crypto case’s impact

When it comes to protecting privacy, Morgan Reed, executive director of a trade group for app developers, said he's hearing conflicting messages from government.

App developers bound by federal standards for mHealth software are concerned they’re getting mixed signals from the government about encryption in relation to the Apple-vs-FBI case.

Speaking to lawmakers on the House Science, Space and Technology Committee’s research and tech subcommittee Wednesday, Morgan Reed, executive director of ACT | The App Association, said his trade group’s members are hearing conflicting messages from the government regarding privacy, encryption and data security. 

He specifically referenced the House Judiciary Committee hearing from Tuesday, during which FBI Director James Comey defended his agency’s use of the court system to try to compel Apple to help unlock the iPhone of one of the San Bernardino shooters.

“On one hand, you have Comey saying, ‘Well, I don’t know about this encryption stuff’ at a certain level — and yet, NIST is telling us in order to protect privacy and health, that we must engage with high-level cybersecurity elements, like encryption,” Reed told lawmakers.


A representative from the trade group said later it wasn’t aware of any of its mHealth members receiving subpoenas for information on their users, but Reed called on Congress to “make sure they’re giving us the right message and make sure the solution makes some sense.“ 

Throughout the hearing, witnesses and lawmakers focused on how to balance encouraging innovation by health app developers on the one hand while still ensuring patient privacy and security on the other.

Several panelists underscored the need to update the Health Insurance Portability and Accountability Act, a major health law that governs the safety of patients’ health information.

“Much of the guidance around remote patient access to data on HIPAA predates the iPhone,” Reed said, adding that HIPAA guidance came out in 2006, and the iPhone was released in 2007.

He said the slow pace at which HIPAA has been updated stymies development in the field and impedes investment.


“As you’re considering places where there is movement, there is room there,” he told lawmakers.

During the hearing, several members of the witness panel, which included no government representatives, showcased the promise of apps in the health care field. Bryan Shaw, a Baylor University chemist, demonstrated an app called Cradle — short for computer assisted detector of leukocoria — which uses a smartphone’s camera and image library to detect leukocoria, a white reflection in the pupil. 

Leukocoria, which impacts one in 80 children, can be symptom of retinoblastoma, or retina cancer, and other eye diseases. 

Shaw developed the app after doctors found his son Noah had retinoblastoma tumors in both eyes. The leukocoria had gone undetected during regular visits to his pediatrician — it was Noah’s mom who first noticed the telltale white reflection in a picture. The white reflection was caused by the camera flash bouncing off the tumors in Noah’s eyes. In the end, Noah lost his right eye, but doctors were able to salvage his left eye, Shaw said.

Later, Shaw found out that leukocoria had been appearing in pictures of Noah for months, since he was 12 days old. Shaw said the app aims to detect this symptom earlier.


“Had we noticed leukocoria then, it likely would have saved both of Noah’s eyes,” he said. “Unfortunately our story is common, but Cradle is beginning to make it less common.”

Contact the reporter on this story via email, or follow her on Twitter @whitneywyckoff. Sign up for all the federal IT news you need in your inbox every morning at 6:00 here:

Latest Podcasts