One of the fundamental differences between app distribution through the Android Market and Apple’s App Store has to do with who’s in charge of granting apps access to the data on your phone. Whereas Google largely puts that burden on its users, asking them to navigate through a list of requested permissions upon installing an app, Apple mainly acts as permissions-granter itself, taking some of that burden off iPhone owners and leaving it up to the app to disclose how it uses your data. Problem is, that latter strategy is only sound so long as Apple is making the right decisions, and some recent news of apps surreptitiously accessing contact book information has raised questions about Apple’s choice to approve them for sale. In a statement today, Apple has responded to those concerns, announcing plans to implement a policy wherein permission to access contact data must be specifically granted to an app by the user.
This news follows the discovery that the app Path had been transmitting contact book data back to its servers without having clear permission. The backlash that followed resulted in other companies divulging similar functionality in their own apps, revealing a pattern of Apple turning a blind eye to such behavior. The public’s reaction escalated to the point where Congress even sat down to write Apple for an explanation.
Apple’s decision to now formalize the need for apps to request contact access should put an end to this issue, but how did we get here in the first place? Was Apple just being naive in believing that no one would notice or care what was happening? Are we ourselves to blame, preferring platforms that “simply work” over those that present us with a seemingly endless assortment of options? Ultimately, it’s probably a bit of both.