Apple is trying to make it harder for developers to abuse users' information collected through apps. According to a report from Bloomberg, Apple updated its App Store Review Guidelines last week with more detailed rules on what developers can do with users' Contacts address book information. Now, developers cannot make databases using address book information collected from iPhone users, nor can they share or sell such databases to third parties.
"Do not use information from Contacts, Photos, or other APIs that access user data to build a contact database for your own use or for sale/distribution to third parties, and dont collect information about which other apps are installed on a users device for the purposes of analytics or advertising/marketing," states the updated guidelines. Those found in violation of the new rules could be banned from the App Store.
Users must already opt in to sharing Contacts information with app developers, but now Apple has placed more restrictions on what developers can do with that information after they obtain it. Once permission is given, though, users can't pull back data funneled to a developer. However, there are controls in an iPhone's settings to revoke permission for a particular app to access Contacts information—that way the developers can't get any additional information from your address book.
That information can be extensive—developers can see things like names, phone numbers, addresses, and photos when they're allowed access to a user's address book. For some developers, that can be a treasure trove of information they can then use to further their businesses or sell. Apple is making it harder for its App Store developers to gain or profit off of users' information, much of which the user may not be even be aware that the developer can access.
While Apple didn't publicize this change to the App Store Review Guidelines, it has taken many steps recently to increase the security and privacy of its platforms. Last month, the company cracked down on apps that shared users' location data without explicit consent. In a broad-stroke update to the Guidelines, Apple forbid developers from sharing data collected from apps to third parties for reasons other than enhancing the user experience, improving software or hardware, or serving advertisements in compliance with Apple's Developer Program License Agreement.
Apple also recently announced a slew of security and privacy improvements coming in iOS 12 and macOS Mojave. These new features include end-to-end encryption for group FaceTime calls, tools for generating stronger passwords, and anti-tracking enhancements in Safari.
Apple has touted its dedication to user privacy for a long time, but it has been doing so even more as controversies surround companies like Facebook and Google. Facebook's Cambridge Analytica scandal came about precisely because the company's ineffective privacy measures allowed app developers to collect and share user data with third parties. Facebook and Google also make money off of user data, selling the promise of wide reach and targeted advertising to numerous companies. Apple is attempting to further distance itself from Facebook and Google by giving users more tools to control access to their information and by enacting more rules that make it harder for app developers to abuse user information.
[contf] [contfnew]
Ars Technica
[contfnewc] [contfnewc]