Thursday, February 16, 2012

Apple: software update will enforce iOS contact data restrictions

Until now, Apple has relied on iOS policy to enforce restrictions on collecting user contact data without explicit permission, but no longer. A gigantic FUBAR over Path uploading the entire iPhone address book to its servers --- without explicitly asking for permission.

Top Outdoor Brands up to 70% OFF - LeftLane Sports
It's a violation of Apple's guidelines the company said, but until now, those guidelines have been the only way to enforce them. If a developer was unaware of those rules, there wasn't anything in IOS to keep him from doing so. That's about to change.

Apple spokesman Tom Neumayr said, "Apps that collect or transmit a user's contact data without their prior permission are in violation of our guidelines.

"We're working to make this even better for our customers, and as we have done with location services, any app wishing to access contact data will require explicit user approval in a future software release."

While Path was the first major app to be spotlighted with this behavior, on Tuesday, a number of reports profiled other apps with this type of behavior, including Foursquare. Path has since released an update requiring users to opt-in to sharing their address book with Path's servers.

Another well-known iOS app, Twitter, does ask for the permission of users before uploading their address books. That's all well and good, but then it stores that contact info for up to 18 months.

It's not the first such privacy furball on iOS. Last spring, a location-tracking file was discovered on iOS devices. After remaining mum for quite some time on the issue, Apple called it a "bug" and removed it with a software update.

Now it appears to be "fixing" yet another privacy bug. In this case, Apple had a long-standing policy against the behavior, but the company is finally doing what it should have done long ago: enforcing it in its APIs.

No comments: