Once Path issued an apology for violating users’ privacy by sending their address book information to its servers, people turned to and blamed Apple for even allowing this to happen. Apple has finally publicly responded by saying apps will soon require users’ permission to access contact data.
“Apps that collect or transmit a user’s contact data without their prior permission are in violation of our guidelines,” Apple representative Tom Neumayr told AllThingsD. “We’re working to make this even better for our customers, and as we have done with location services, any app wishing to access contact data will require explicit user approval in a future software release.”
Indeed, this does already violate the iOS developer guidelines. Section 17.1 states:
Apps cannot transmit data about a user without obtaining the user’s prior permission and providing the user with access to information about how and where the data will be used.
The upcoming software update (iOS 5.1?) will presumably present an alert to users formally requesting permission to access and transmit contact information just like iOS already does for location information.
Now that Apple has publicly addressed the issue after a week of controversy, it needs to face a letter from Congress asking for clarification. Maybe then — and only then — we can finally put all of this chaos behind us.