Apple/Path: measures against contact recovery

After the Path application affair which slowly copied iPhone users address books and sent them to developers, Apple has toughened the access rules to such personal data, only allowing information to be sent with user’s explicit consent.

Sensitive to questions about respecting users privacy (especially since they are closely monitored on this point), Apple has decided to reinforce their policy of giving access to users private information via mobile applications.

While some requests user’s authorisation before accessing their address book, generally for interactivity with social networks, others access this data without the users agreement. The issue became public with the Path mobile application, which copied users data to a server, later changing their policy by revealing that numerous other applications did the same, suggesting that the practice was rather common to the detriment of users.


What does the iOS ecosystem do with personal information?
Apple, already caught recovering users location data last year (considered as personal data, at least in Europe), prefers to protect themselves from criticism by blocking access to the address book in iOS.

Developers will therefore have to explicitly request access to this information, following the same mechanism already used for the localisation information. Since this update should have been integrated for a long time, tit is perhaps already too late to avoid questions from American authorities (and possibly European) about the management/collection of personal information within the iOS platform.