Apple App Developers New Guidelines Prevent Foul Play

Apple has introduced new app store guidelines for developers that restricts them from cryptocurrency mining and remote mirroring apps, they also want developers to provide free trials for the paid apps in the Store. Apple have also introduced clear rules for data sharing that will help prevent developers from collecting data of users and building an advertising profile.

The rules also prevent the developers from Harvesting the data from iPhone Contacts, some examples of the rules are shown below:

  •  Apps should not attempt to surreptitiously build a user profile based on collected data and may not attempt, facilitate, or encourage others to identify anonymous users or reconstruct user profiles based on data collected from Apple-provided APIs or any data that you say has been collected in an “anonymized,” “aggregated,” or otherwise non-identifiable way.
  • Do not use information from Contacts, Photos, or other APIs that access user data to build a contact database for your own use or for sale/distribution to third parties, and don’t collect information about which other apps are installed on a user’s device for the purposes of analytics or advertising/marketing.
  • Do not contact people using information collected via a user’s Contacts or Photos, except at the explicit initiative of that user on an individualized basis; do not include a Select All option or default the selection of all contacts. You must provide the user with a clear description of how the message will appear to the recipient before sending it (e.g. What will the message say? Who will appear to be the sender?).

The updated guideline puts an end to the secretive data collection techniques that developers would use to collect data from the Store. In the past, the developers have used iPhone contacts to mine data of the users’ friends and build a network of advertising graphs that include phone numbers, email addresses, photos and information that is unnecessary to collect.

One of the iOS developers said exactly how much data was accessible and how it could be obtained and abused without the company ever knowing.  “The address book is the Wild West of data,” the iOS developer said. “I am able to instantly transfer all the contacts info into some random server or upload it to Dropbox if I wanted to, the very moment a user says okay to giving contacts permission. Apple doesn’t track it, nor do they know where it went.”

The developers are now explicitly forbidden from using the apps to build their advertising user profiles and collect other sensitive data. Apple has also prohibited sending bulk SMS to the users’ contacts. Developers who are caught breaking the rules will be banned from the App Store.

Take your time to comment on this article.

Related posts

Water Facilities Must Secure Exposed HMIs – Warns CISA

Microsoft December Patch Tuesday Arrived With 70+ Bug Fixes

NachoVPN Attack Risks Corporate VPN Clients