Update: After Path Scandal, Apple Agrees to Require Explicit User Permission for Apps to Access Contact Data
In the past week, there has been considerable controversy about mobile applications’ downloading data after it was revealed that photo-sharing mobile application Path uploaded users’ entire address books without permission, and there was substantial public criticism of the company’s actions. After initially dismissing the criticisms, Path CEO Dave Morin apologized in a blog post and announced that the company had deleted the contact information uploaded to its servers and was releasing an updated version of the iPhone app to allow users to opt-in to the address-book upload.
In the aftermath of the Path scandal, news stories reported on the continuing problems with mobile applications’ privacy and security programs, as well as the culture concerning such issues in Silicon Valley. And it was reported that social-networking service Twitter also did not disclose that it downloaded users’ data, as well as Yelp and Foursquare.
Now, the Wall Street Journal reports that Apple has responded to the privacy scandal concerning apps’ downloading of data without user permission:
Apple has faced growing criticism that it has given iOS developers far too much access to address book information without requiring a user prompt.
Today, the company agreed with that assessment, and said that soon, apps that use address book data will require explicit user permission to do so.
“Apps that collect or transmit a user’s contact data without their prior permission are in violation of our guidelines*,” Apple spokesman Tom Neumayr told AllThingsD. “We’re working to make this even better for our customers, and as we have done with location services, any app wishing to access contact data will require explicit user approval in a future software release.” […]
Apple’s comment follows, by minutes, an inquiry from Congress, expressing concerns that iOS developers may be accessing and storing user data without proper permission. “This incident raises questions about whether Apple’s iOS app developer policies and practices may fall short when it comes to protecting the information of iPhone users and their contacts,” House Energy & Commerce Committee Chairman Henry Waxman and Commerce Manufacturing and Trade Subcommittee Chair G.K. Butterfield said in a letter to Apple CEO Tim Cook.
Here is the full letter (pdf) to Apple from Waxman and Butterfield.