Apple has quietly tightened its App Store rules to better protect users from developers who want to harvest their data or sell it to third parties. Previously, developers would ask for users phone contacts and sometimes then sold that data without the explicit consent of the users or their contacts, according to Bloomberg, which spotted the change. The changes to the rules, which were made last week, explicitly state that developers are banned from turning address books into a database of contacts and from selling that database. They also cant turn data into user profiles. Developers can still ask users for contact lists for use within their app, but theyll have to tell users exactly what theyre going to do with the data. If they have more than one purpose in mind, theyll have to ask for further consent. Facebook came under fire in March for allowing a third-party developer to obtain the data of over 87 million people during the Cambridge Analytica fiasco. The timing of the new App Store rules seems to indicate Apple is trying to prevent similar data misuse from its developers. But the company cant do anything about the data thats already been collected and potentially sold by developers. And while Apple can remove apps from developers who violate these rules, it doesnt have full control over what those developers choose to do with the data once its obtained from users, which is the same problem that Facebook ran into.
Developers explicitly can't sell info to third parties. Apple updated its app guidelines last week, and while the biggest news was a widespread ban on cryptocurrency mining, the company also tightened its grip on what developers can and can't do with user info. Specifically, it restricted apps' abilities to collect, harness and share anyone's contact information. Per Bloomberg, app developers have been abusing their access to users' contact info for years. Their apps ask for access first, then harvesting the data for marketing purposes or even selling it outright -- all without permission from the contacts affected. Apple's updates to the App Store guidelines now prohibit developers from making databases of info gleaned from address books, nor can they request access to contact info under one pretense and then use it for something else -- they have to get consent for what they're actually using it for. And selling that data to third parties is now forbidden. Apple isn't making these changes in response to any particular scandal, though its CEO Tim Cook certainly criticized Facebook during the Cambridge Analytica scandal for that company's misuse of user data. (He later rejected the assertion that Apple inappropriately received any personal info from the social media company during this time period.) But following the implementation of the EU's privacy-intensive GDPR last month, restricting third parties' potential access to data sourced from users on Apple's devices seems a smart move anyway.