Apple to ban stealthy iPhone contact data harvesting
Promises update to iOS after Congress asks about apps that grab address book without permission
Computerworld - Shortly after two U.S. Congressmen asked Apple to answer questions about iPhone and iPad apps that snatch users' contact lists without permission, the Cupertino, Calif. company promised it will address the issue with a future software update.
Earlier today, Reps. Henry Waxman (D-Calif.) and G.K. Butterfield (D-N.C.) sent a letter to Apple CEO Tim Cook asking him about iOS apps that have harvested users' address book information without permission.
Waxman and Butterfield cited reports that Path, which sells an iOS online journal app, was grabbing users' address books and uploading them to its servers. After the allegations went viral, Path's CEO apologized and said the company deleted the collected address books from its servers.
"We now understand that the way we had designed our 'Add Friends' feature was wrong," acknowledged Path CEO Dave Morin in a Feb. 8 mea culpa. "We are deeply sorry if you were uncomfortable with how our application used your phone contacts."
In the letter to Cook, Waxman and Butterfield, who are the top Democrats on two House committees, asked, "Whether Apple's iOS app developer policies and practices may fall short when it comes to protecting the information of iPhone users and their contacts."
Waxman and Butterfield also sent a copy of the letter to Morin.
The legislators wanted answers to nine questions, including one about Apple's earlier decision to require developers to disclose use of location data in their iOS apps.
"You have built into your devices the ability to turn off in one place the transmission of location information entirely or on an app-by-app basis," their letter stated. "Please explain why you have not done the same for address book information."
In a statement issued to some media outlets, including the AllThingsD blog and the Reuters news service, Apple responded to that question.
"Apps that collect or transmit a user's contact data without their prior permission are in violation of our guidelines," an Apple spokesman told AllThingsD and Reuters. "We're working to make this even better for our customers, and as we have done with location services, any app wishing to access contact data will require explicit user approval in a future software release."
Apple did not immediately confirm the statement's accuracy.
In December, Apple reacted to controversy that third-party software was surreptitiously collecting a glut of information from iPhone users by promising it would provide an iOS update to remove the Carrier IQ code from all its smartphones.
At the time, a company spokeswoman said, "With any diagnostic data sent to Apple, customers must actively opt-in to share this information."
Apple's iOS App Store guidelines forbid programs from "transmit[ting] data about a user without obtaining the user's prior permission and providing the user with access to information about how and where the data will be used."
Those rules also ban apps "that require users to share personal information, such as email address and date of birth, in order to function."
Apple has not updated those guidelines to specifically mention address books, although they have long prohibited apps that "do not notify and obtain user consent before collecting, transmitting, or using location data."
Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer, on Google+ or subscribe to Gregg's RSS feed . His e-mail address is firstname.lastname@example.org.
- Apple ships iOS 7.1 with CarPlay support, home screen crash fix
- Apple to fix iOS 7 crash bug
- Apple rang up $10B in app sales in 2013
- Balky browsers tick off tablet owners
- iPhone, iPad dwarf mobile rivals in small- and mid-sized firms
- iOS 7 now powers 3 out of 4 Apple devices
- How to fix iOS 7 glitches
- After a week, iOS 7 runs more than half of Apple's mobile devices
- First look: The new iPhone 5S impresses
- iOS 7 off to speedy adoption start
Read more about Privacy in Computerworld's Privacy Topic Center.
- Best iPhone, iPad Business Apps for 2014
- 14 Tech Conventions You Should Attend in 2014
- 10 Desktop Apps to Power Your Windows PC
- How to Add New Job Skills Without Going Back to School
- Slideshow: 7 security mistakes people make with their mobile device
- iOS vs. Android: Which is more secure?
- 11 sure signs you've been hacked
Red Hat Enterprise Linux - The Original Cloud Operating System
Linux adoption is growing against a number of measures, such as the
number of supercomputers that run Linux and the size of the contributing...
- OpenStack Hype vs. Reality: CIO Quick Pulse Open-source architecture can enable IT departments to build infrastructure-as-a-service (IaaS) clouds running on standard hardware.
- Building a Bridge to the Next Generation Data Center Selecting a widely adopted operating system is a foundational component of a standardization strategy.
- OpenStack and Red Hat: IDC White paper Most OpenStack deployments are by public cloud providers that are early adopters of technology and use OpenStack in a do-it-yourself deployment and support...
- Data Protection and Disaster Recovery with iSCSI and VMware Get this on demand webcast now
- Webinar: Building a Big Data solution that's production-ready Big data solutions are no longer just a nice-to-have. All Privacy White Papers | Webcasts