Apple changes app policy after taking congressional heat

Photo credit: Northfoto/
Photo credit: Northfoto/

The Apple announcement, reported by Reuters, came after two US representatives sent a letter to Apple CEO Tim Cook asking for information about its app review procedures. The move was in response to news that the Path social networking app, available on the iTunes Store, was downloading users’ address books without their consent.

In the letter, Reps. Henry Waxman (D-Calif.) and G.K. Butterfield (D-N.C.) asked Apple to provide detailed information about its policies regarding apps transmitting data, as well as the company's review policy to determine whether developers comply.

They sent the letter in response to a blog by Arun Thampi about his discovery that the Path social networking app had accessed and collected the contents of his iPhone address book without asking his permission.

"This incident raises questions about whether Apple’s iOS app developer policies and practices may fall short when it comes to protecting the information of iPhone users and their contacts", the representatives wrote.

The lawmakers cited a blog by Dustin Curtis, who wrote that “there’s a quiet understanding among many iOS app developers that it is acceptable to send a user’s entire address book, without their permission to remove servers and then store it for future reference.”

Curtis said he conducted a survey of developers of popular iOS apps and found that 13 of 15 had a "contacts database with millions of records" – with one claiming to have a database containing "Mark Zuckerberg's cell phone number, Larry Ellison's home phone number and Bill Gates ' cell phone number.”

The lawmakers gave Apple until Feb. 29 to respond to nine detailed questions about its iTunes Store app policies and procedures.

What’s hot on Infosecurity Magazine?