Apple has quietly closed the loophole that lets app makers store and share data without users consent. The company last week changed its App Store rules to limit how developers use information about iPhone owners’ friends and other contacts. This indeed is a perfect move from Apple that puts an end to years of practice where developers ask users for access to their phone contacts, and then later use it for marketing without proper permissions.
Sharing of users information without their consent is what got Facebook into trouble and by announcing new privacy updates, the company is boosting its reputation for safeguarding user data. At the WWDC stage, the company introduced new controls that limit tracking of web browsing. Apple publicly didn’t mention the updated App Store Review Guidelines that now bar developers from making databases of address book information they gather from iPhone users. Anyone caught breaking this violation will be banned.
Apple back in 2012 has added a way for users to explicitly approve their contacts, photos, location information, and other data being uploaded by developers. Apple says that all apps should include a link to their privacy policy in the App Store. The privacy policy must clearly and explicitly identify the data it collects, app developers should confirm with whom the user data is shared. Finally, explain its data retention/deletion policies and describe how a user can revoke consent and/or request deletion of the user’s data.
Furthermore, Apple says that apps that collect user or usage data must obtain user consent for the collection. Paid functionality must not be dependent on or require a user to grant access to this data. App developers should only request access to data relevant to the core functionality of the app and should only collect and use data that is required to accomplish the relevant task.