Apple beefs up user privacy controls for iOS 6


Apple's (NASDAQ:AAPL) forthcoming iOS 6 mobile operating system refresh will require all applications to obtain explicit user permission before accessing personal information stored on devices.

Apple issued iOS 6 to developers earlier this week. MacRumors reports that the Release Notes stipulate all third-party iOS applications must now secure user authorization to access data including contacts, calendars, reminders and photos as well as location data.

"For contact, calendar, and reminder data, your app needs to be prepared to be denied access to these items and to adjust its behavior accordingly," Apple states. "If the user has not yet been prompted to allow access, the returned structure is valid but contains no records. If the user has denied access, the app receives a NULL value or no data. If the user grants permission to the app, the system subsequently notifies the app that it needs to reload or revert the data."

Apple first pledged to detail app permissions in February. "Apps that collect or transmit a user's contact data without their prior permission are in violation of our guidelines," Apple spokesman Tom Neumayr said at that time. "We're working to make this even better for our customers, and as we have done with location services, any app wishing to access contact data will require explicit user approval in a future software release."

Apple made the announcement days after developer Arun Thampi reported iOS social application Path was uploading users' address books to its servers, fueling consumer and legislator uproar. Path later acknowledged storing user data and updated its app to enable users to opt out of its contacts database. "This incident raises questions about whether Apple's iOS app developer policies and practices may fall short when it comes to protecting the information of iPhone users and their contacts," wrote Rep. Henry A. Waxman (D-Calif.) in an open letter to Apple.

Also in February, Apple, Google (NASDAQ:GOOG),, Research In Motion (NASDAQ:RIMM), Microsoft (NASDAQ:MSFT) and Hewlett Packard agreed to improved privacy principles that bring the mobile ecosystem in line with the California Online Privacy Protection Act, which requires operators of commercial web sites and online services--including mobile apps--that collect personally identifiable consumer data to post a privacy policy. The agreement guarantees consumers the opportunity to review an app's privacy policy prior to download rather than after, and will offer consumers a consistent location for an app's privacy policy on the device screen. Developers who do not comply with their stated privacy policies can now be prosecuted under California's Unfair Competition Law and/or False Advertising Law.

Apple is expected to release iOS 6 to consumers this fall. The overhaul brings about 200 new features in all, highlighted by deep Facebook integration and expanded Siri voice recognition tools as well as new Maps service designed in-house to replace the Google Maps system.

For more:
- read this MacRumors article

Related articles:
Apple's new iOS 6 adds deep Facebook integration, dumps Google Maps
Apple, Google consent to mobile app privacy accord
FTC to Apple, Google: Apps for kids must disclose data privacy practices
Amid privacy uproar, Apple promises to detail app permissions
Path admits mistake, allows users to opt out of contacts database

Filed Under