Apple Requires User Permission Before Apps Can Access Personal Data in iOS 6

[MacRumors]

Earlier this year, Apple came under fire from consumers advocates and Congress after it was discovered that apps, most notably Path, were uploading users' entire address books to their servers without alerting users or asking for authorization. Path deleted the information, but a pair of U.S. Congressmen sent a letter to Apple asking for information on the company's data collection policies.

More recently, LinkedIn came under fire for transmitting information from iOS calendar entries back to its servers in plain text.

In the OS X Mountain Lion beta, Apple began requiring apps to get explicit permission to access user's address book information, and Apple PR said in February that any iOS app "wishing to access contact data will require explicit user approval in a future software release."

Starting with iOS 6, Apple now requires apps to get explicit user permission before accessing Contacts, Calendars, Reminders, and Photos. From the "Data Privacy" section in Apple's iOS 6 Release Notes:

In addition to location data, the system now asks the user's permission before allowing third-party apps to access certain user data, including:

- Contacts
- Calendars
- Reminders
- Photo Library

For contact, calendar, and reminder data, your app needs to be prepared to be denied access to these items and to adjust its behavior accordingly. If the user has not yet been prompted to allow access, the returned structure is valid but contains no records. If the user has denied access, the app receives a NULL value or no data. If the user grants permission to the app, the system subsequently notifies the app that it needs to reload or revert the data.

As the iPhone and iPad have grown in popularity, Apple has come under increasing scrutiny over the privacy practices of both Apple and developers participating in the App Store ecosystem. Last year, Senator Al Franken asked both Apple and Google to require app developers to have "clear and understandable" privacy policies.

Apple later agreed to comply with a new California law requiring links to privacy policies in consistent locations and provide a method for users to report apps that do not comply with privacy requirements.

Congress also got involved over the disclosure of location information to app makers, going so far as to introduce a bill that would force companies to get explicit authorization before disclosing the user's location to anyone. Apple now asks the iOS users if Location Services should be enabled during the initial setup process.

iOS 6 is currently in beta and is expected to be publicly released this fall.

Article Link: Apple Requires User Permission Before Apps Can Access Personal Data in iOS 6

 

[Delighted]

useful but i never found the privacy thing to be an issue. I put all my user data on the phone but I never felt it was being used inappropriately.

 

[Apple...]

Apple: "No more lawsuits, please?"

 

[nepalisherpa]

Passive, but, a good move on Apple's part!

 

[applesith]

I guess that's good so users have a better idea of what the app is accessing, but don;t you already know based on what the app does?

 

[carfac]

Doesn't make any difference because Facebook plays too fast and loose with private data. Apple may secure it, and FB will just give it away... and then say, "Whoops!"

 

[ChazUK]

Good move IMO. This will put an end to any apps leaking data and make users responsible for their choices.

 

[doobybiggs]

Apple Requires User Permission Before Apps Can Access Personal Data in iOS 6

not a bad idea really ... just in case you get a rogue app doing something its not suppose to.

I just dont like the drop of supporting Iphone 4 and before with some of the apps.

 

[AppleGuesser]

Honestly, ive never felt unsafe ever with my information being sent out. From what I and many others can tell is that the information isnt used maliciously. So I will never understand how people have panic attacks that some random app saw on their calendar they need to pick up milk or something like that

 

[kuito]

I wish it also allowed Developer to have a small description of why Facebook or whatever app wants to access my calendar or whatever. instead of just going "hey they want access to X, okie?" -- it'd just be good to know at least one of the reasons why.

 

[jonnysods]

Yes, I told Facebook to go fly a kite.

 

[AppleGuesser]

Yeah, and how many "android users" can download as many apps as iOS that use location, contacts, etc? Not many. Most use the default apps preloaded and then facebook/twitter. Pretty easy to control just a handful of apps. Obviously Android has lots of apps and people do download them, but majority dont, plain and simple.

 

[Delighted]

Sure, but Google has already sold all your information, so really this is moot, anyway.

Apple will make the process easier.

 

[G5isAlive]

Seems like a no brainer to me. Wonder why they didn't before?

 

[doobybiggs]

Sure, but Google has already sold all your information, so really this is moot, anyway.

apple secretly tracked you and sold your info ... both points moot

 

[Krazy Bill]

Well, duh?

 

[STC1709]

facebook is retarded, i hope there company fails but that doesn't look like it will happen. All people ever do is go on facebook, live on facebook its ridiculous. So many lives ruined because of that garbage

 

[AppleGuesser]

Seems like a no brainer to me. Wonder why they didn't before?

Just in the last year or two have 3rd party apps really gained so much access. Think about it, the App store wasnt even around until the iPhone 3G. The iOS platform is young and growing at a crazy rate. I'm sure Apple has been looking at an efficient way of dealing with privacy leaks for some time

 

[Comeagain?]

Doesn't make any difference because Facebook plays too fast and loose with private data. Apple may secure it, and FB will just give it away... and then say, "Whoops!"

You can deny the Facebook app the ability to see anything in Settings. There is a separate switch for Contacts, Calendars, Reminders, Photos, and Location Services.

 

[DeF46]

Good move IMO. This will put an end to any apps leaking data and make users responsible for their choices.

Yeah that's all it does: move the responsibility to the users for lack of beign able to redo the whole thing.

Install any extension in Chrome, and you're told "needs access to x,y,z". You have to reply "Ok" otherwise you don't get to use pretty much any useful extension.

This is a bit sad, but what can we do?

These kind of dialogs are always bad. It's like "Hey, this downloaded program could be insecure. Do you want to run it?" . Gee, I don't know? Yes?

 

[SBlue1]

This is great!

 

[clukas]

a lll these security popups in ios6 and mountain lion remind me of

which apple criticised so heavily in vista.

 

[paradox00]

Android has always done this. Fail

No it hasn't. You're told what the app has access to when you install it,you can't opt in or out of parts later.

 

[Apple...]

No it hasn't. You're told what the app has access to when you install it,you can't opt in or out of parts later.

Roasted.

 

[tigress666]

Awesome! Good step.