Apple is reportedly enforcing some of its privacy rules more stringently for apps in its App Store. According to a report by 9to5Mac, the iPhone maker started removing apps that share location data with third-parties without “explicit consent” from users.
Apps that have been removed from the App Store in this instance have been cited for violating sections 5.1.1 and 5.1.2 of the App Store Review Guidelines, which state, “The app transmits user location data to third parties without explicit consent from the user and for unapproved purposes.” According to a letter sent to developers that have had their apps taken down, they must “remove any code, frameworks, or SDKs” that aid location sharing without clear user consent and then resubmit their app for review.
The details of Apple’s App Store Review Guidelines suggest the company wants developers to not only be more clear in asking permission to collect users’ location data but to also be more clear about how and where that data is being used and transmitted after collection.
Apple also puts restrictions on how collected data can be used after it is shared with third parties: “Data collected from apps may not be used or shared with third parties for purposes unrelated to improving the user experience or software/hardware performance connected to the app’s functionality, or to serve advertising in compliance with the Apple Developer Program License Agreement.”
The new crackdown comes as much of the tech industry shifts to comply with the rules of the European Union’s General Data Protection Regulation, or GDPR, which goes into full effect on May 25. Privacy has been a bigger focus for Apple than other tech companies like Facebook and Google, which use user data to sell advertising. However, given the recent privacy controversies surrounding Facebook and Google (particularly Facebook’s Cambridge Analytica scandal), Apple has shifted to emphasize privacy of users’ information even more. It also appears Apple wants to avoid possible scandals due to apps in the App Store that have been sharing users’ location data to third parties for unknown or mysterious reasons.
Apple also has a number of new privacy tools that will be available to users across the EU and other countries by the time the GDPR goes into full effect. These include a new webpage for managing Apple IDs, including a feature that lets users download a copy of all their data stored with the company and new splash screens that explain the company’s privacy views and how individual apps use data.
Source: Ars Technica