In a statement delivered to AllThingsD, Apple said that accessing contact data without permission is already a violation of App Store guidelines. Violation or not, however, and just as it did with Location Services, the company said it would be making changes, likely in iOS itself, that force developers to get permission before accessing their personal contact databases. That statement:
Apps that collect or transmit a user’s contact data without their prior permission are in violation of our guidelines. We’re working to make this even better for our customers, and as we have done with location services, any app wishing to access contact data will require explicit user approval in a future software release.
The news first garnered attention with a social networking app called Path, which was uploading its users’ Address Book to the company’s servers. The company quickly reacted to the controversy that was raised by the news by voluntarily changing the app to get that permission and erasing its old database of contact information.
With the spotlight trained on the ability to do this on iPhones and iPads, it was quickly discovered that many apps were doing something similar. Apple’s lack of control in this area was criticized, and privacy advocates were raising the alarm.
Apple’s statement and impending changes to App Store guidelines should go far in correcting the situation and giving users control over their contact information.