We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,259 News Articles

Apple to ban stealthy iPhone contact data harvesting

Promises update to iOS after Congress asks about apps that grab address book without permission

Shortly after two U.S. Congressmen asked Apple to answer questions about iPhone and iPad apps that snatch users' contact lists without permission, the Cupertino, Calif. company promised it will address the issue with a future software update.

Earlier today, Reps. Henry Waxman (D-Calif.) and G.K. Butterfield (D-N.C.) sent a letter to Apple CEO Tim Cook asking him about iOS apps that have harvested users' address book information without permission.

Waxman and Butterfield cited reports that Path, which sells an iOS online journal app, was grabbing users' address books and uploading them to its servers. After the allegations went viral, Path's CEO apologized and said the company deleted the collected address books from its servers.

"We now understand that the way we had designed our 'Add Friends' feature was wrong," acknowledged Path CEO Dave Morin in a Feb. 8 mea culpa. "We are deeply sorry if you were uncomfortable with how our application used your phone contacts."

In the letter to Cook , Waxman and Butterfield, who are the top Democrats on two House committees, asked, "Whether Apple's iOS app developer policies and practices may fall short when it comes to protecting the information of iPhone users and their contacts."

Waxman and Butterfield also sent a copy of the letter to Morin.

The legislators wanted answers to nine questions, including one about Apple's earlier decision to require developers to disclose use of location data in their iOS apps.

"You have built into your devices the ability to turn off in one place the transmission of location information entirely or on an app-by-app basis," their letter stated. "Please explain why you have not done the same for address book information."

In a statement issued to some media outlets, including the AllThingsD blog and the Reuters news service , Apple responded to that question.

"Apps that collect or transmit a user's contact data without their prior permission are in violation of our guidelines," an Apple spokesman told AllThingsD and Reuters. "We're working to make this even better for our customers, and as we have done with location services, any app wishing to access contact data will require explicit user approval in a future software release."

Apple did not immediately confirm the statement's accuracy.

In December, Apple reacted to controversy that third-party software was surreptitiously collecting a glut of information from iPhone users by promising it would provide an iOS update to remove the Carrier IQ code from all its smartphones.

At the time, a company spokeswoman said, "With any diagnostic data sent to Apple, customers must actively opt-in to share this information."

Apple's iOS App Store guidelines forbid programs from "transmit[ting] data about a user without obtaining the user's prior permission and providing the user with access to information about how and where the data will be used."

Those rules also ban apps "that require users to share personal information, such as email address and date of birth, in order to function."

Apple has not updated those guidelines to specifically mention address books, although they have long prohibited apps that "do not notify and obtain user consent before collecting, transmitting, or using location data."

Gregg Keizer covers Microsoft, security issues, Apple, Web browsers and general technology breaking news for Computerworld. Follow Gregg on Twitter at @gkeizer , on Google+ or subscribe to Gregg's RSS feed . His e-mail address is [email protected] .

See more articles by Gregg Keizer .

metatag data

Read more about privacy in Computerworld's Privacy Topic Center.

IDG UK Sites

Best camera phone of 2015: iPhone 6 Plus vs LG G4 vs Galaxy S6 vs One M9 vs Nexus 6

IDG UK Sites

In defence of BlackBerrys

IDG UK Sites

Why we should reserve judgement on Apple ditching Helvetica in OS X/iOS for the Apple Watch's San...

IDG UK Sites

Retina 3.3GHz iMac 27in preview: Apple cuts £400 of price of Retina iMac with new model