After the recent “silence” over the iOS issue, in which iOS applications have been accessing, transmitting and storing user contact data without explicit permission, Apple has finally responded to reports – Path was the first to be flagged for this and other on the similar lines including Twitter, Foursquare etc – now require any iOS app that wishes access to contact data need to be granted permission first by a user action, reports All Things D.
“Apps that collect or transmit a user’s contact data without their prior permission are in violation of our guidelines*,” Apple spokesman Tom Neumayr told AllThingsD. “We’re working to make this even better for our customers, and as we have done with location services, any app wishing to access contact data will require explicit user approval in a future software release.”
The issue results in such a way indicated that the incident raises questions about whether Apple’s iOS app developer policies and practices may fall low in sight of protecting the information of iPhone users and their contacts. The iOS developers might be accessing and storing user data without proper permission.
House Energy & Commerce Committee Chairman Henry Waxman and Commerce Manufacturing and Trade Subcommittee Chair G.K. Butterfield said in a letter to Apple CEO Tim Cook. “How many iOS apps in the U.S. iTunes Store transmit information from the address book? How many of those ask for the user’s consent before transmitting their contacts’ information?”
Here are the excerpts from the letter:
- Please describe all iOS App Guidelines that concern criteria related to the privacy and security of data that will be accessed or transmitted by an app.
- Please describe how you determine whether an app meets those criteria.
- What data do you consider to be “data about a user” that is subject to the requirement that the app obtain the user’s consent before it is transmitted?
- To the extent not addressed in the response to question 2, please describe how you determine whether an app will transmit “data about a user” and whether the consent requirement has been met.
- How many iOS apps in the U.S. iTunes Store transmit “data about a user”?
- Do you consider the contents of the address book to be “data about a user”?
- Do you consider the contents of the address book to be data of the contact? If not, please explain why not. Please explain how you protect the privacy and security interests of that contact in his or her information.
- How many iOS apps in the U.S. iTunes Store transmit information from the address book? How many of those ask for the user’s consent before transmitting their contacts’ information?
- You have built into your devices the ability to turn off in one place the transmission of location information entirely or on an app-by-app basis. Please explain why you have not done the same for address book information.
(Image Source: TechInfo)