Apple updates App Store rules to prevent devs gathering data from contacts

iPad and iPhone

Apple has tweaked its App Store policies, closing a loophole that made it possible for developers to gather data from phone contacts and then sell or share that data without consent.

Until very recently app developers have been able to ask for permission to access users' address books and then use this permission to gather data about contacts. But with the latest policy change -- introduced with no announcement -- Apple has clamped down on this practice in the name of privacy.

See also:

The updated guidelines were introduced last week, and were first spotted by Bloomberg. This privacy-related change is the second unadvertised alteration Apple has made to its policies recently. The company also just introduced a ban on cryptocurrency mining activity.

The changes explicitly state that developers may not build a contact database using information gathered from users' contacts:

  • (iv) Do not use information from Contacts, Photos, or other APIs that access user data to build a contact database for your own use or for sale/distribution to third parties, and don’t collect information about which other apps are installed on a user's device for the purposes of analytics or advertising/marketing.
  • (v) Do not contact people using information collected via a user's Contacts or Photos, except at the explicit initiative of that user on an individualized basis; do not include a Select All option or default the selection of all contacts. You must provide the user with a clear description of how the message will appear to the recipient before sending it (e.g. What will the message say? Who will appear to be the sender?).

Developers must not only ask for explicit permission to access contact data, but also fully explain how this data will be used -- multiple times if the data is to be used for more than one purpose.

Image credit: BigTunaOnline / Shutterstock

© 1998-2018 BetaNews, Inc. All Rights Reserved. Privacy Policy - Cookie Policy.