According to new rules recently published by Apple, iOS app developers must refrain from creating a database of the information gleaned from users’ Contacts and to sell it on.
Wealth of private information
The information contained in Contacts can be substantial. Aside from the contact’s first and last name, phone numbers and email addresses, each entry can contain additional information such as date of birth, job details, company name, photo, social profiles, additional notes, and more.
“Do not use information from Contacts, Photos, or other APIs that access user data to build a contact database for your own use or for sale/distribution to third parties, and don’t collect information about which other apps are installed on a user’s device for the purposes of analytics or advertising/marketing,” warn the updated App Store Review Guidelines.
Apple has also forbidden developers to repurpose data collected for a stated purpose without obtaining consent for that from users. Also, the information collected via a user’s Contacts or Photos should not be used to prod those contacts to install the developers’ app if the user hasn’t agreed to it.
“You must provide the user with a clear description of how the message will appear to the recipient before sending it (e.g. What will the message say? Who will appear to be the sender?),” Apple explained.
For those who fail to do all this and are caught, Apple threatens expulsion of the app from the App Store and of the developer from the Apple Developer Program.
The importance of privacy
Apple has always touted user privacy as an important thing, but it has definitely ramped up efforts to make privacy a selling point and to differentiate itself from the likes of Google and Facebook, whose main moneymaker is targeted advertising based on the massive amount of data they collect on users.
These latest changes aimed at curtailing the misuse of user data don’t prevent developers from collecting it if they obtain express permission from the user. The permission can be revoked by via app-specific controls in the iPhone settings and the app will stop collecting the contacts in the address book, but users can’t make the developer delete the data the app has previously gathered.
Original Story Source: HelpNetSecurity