Got a tip for us? Share it...

New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Apple Requires User Permission Before Apps Can Access Personal Data in iOS 6

Earlier this year, Apple came under fire from consumers advocates and Congress after it was discovered that apps, most notably Path, were uploading users' entire address books to their servers without alerting users or asking for authorization. Path deleted the information, but a pair of U.S. Congressmen sent a letter to Apple asking for information on the company's data collection policies.

More recently, LinkedIn came under fire for transmitting information from iOS calendar entries back to its servers in plain text.

Facebookprivacy
In the OS X Mountain Lion beta, Apple began requiring apps to get explicit permission to access user's address book information, and Apple PR said in February that any iOS app "wishing to access contact data will require explicit user approval in a future software release."

Starting with iOS 6, Apple now requires apps to get explicit user permission before accessing Contacts, Calendars, Reminders, and Photos. From the "Data Privacy" section in Apple's iOS 6 Release Notes:
In addition to location data, the system now asks the user’s permission before allowing third-party apps to access certain user data, including:

- Contacts
- Calendars
- Reminders
- Photo Library

For contact, calendar, and reminder data, your app needs to be prepared to be denied access to these items and to adjust its behavior accordingly. If the user has not yet been prompted to allow access, the returned structure is valid but contains no records. If the user has denied access, the app receives a NULL value or no data. If the user grants permission to the app, the system subsequently notifies the app that it needs to reload or revert the data.
As the iPhone and iPad have grown in popularity, Apple has come under increasing scrutiny over the privacy practices of both Apple and developers participating in the App Store ecosystem. Last year, Senator Al Franken asked both Apple and Google to require app developers to have "clear and understandable" privacy policies.

Apple later agreed to comply with a new California law requiring links to privacy policies in consistent locations and provide a method for users to report apps that do not comply with privacy requirements.

Congress also got involved over the disclosure of location information to app makers, going so far as to introduce a bill that would force companies to get explicit authorization before disclosing the user's location to anyone. Apple now asks the iOS users if Location Services should be enabled during the initial setup process.

iOS 6 is currently in beta and is expected to be publicly released this fall.

Top Rated Comments

(View all)

28 months ago

Android has always done this. Fail


No it hasn't. You're told what the app has access to when you install it,you can't opt in or out of parts later.
Rating: 24 Votes
28 months ago
a lll these security popups in ios6 and mountain lion remind me of



which apple criticised so heavily in vista.
Rating: 16 Votes
28 months ago
Yes, I told Facebook to go fly a kite.
Rating: 12 Votes
28 months ago

Android has always done this. Fail


This line of thinking is stupid.

I don't use Android. I couldn't care less what they do or don't do.

If it's added to iOS, then fine. I'm not sitting there going "hm, I'm going to base my like or dislike on this feature based on whether or not a phone I don't even use has".

Get over yourselves, Googlebots and Fandroids.
Rating: 12 Votes
28 months ago
Doesn't make any difference because Facebook plays too fast and loose with private data. Apple may secure it, and FB will just give it away... and then say, "Whoops!"
Rating: 11 Votes
28 months ago

a lll these security popups in ios6 and mountain lion remind me of

Image (http://www.technosamrat.com/wp-content/uploads/2008/10/readyboost-superfetch-and-user-account-controluac-in-windows-vista.jpg)

which apple criticised so heavily in vista.


You're not very creative. I bore of seeing posts like these. The problem with UAC wasn't its existence, it was its implementation. Cancel or allow every single time you launched certain programs with no way for an average user to whitelist a program without completely disabling the security of UAC.

Apple's security features are implemented very differently.
Rating: 11 Votes
28 months ago
I wish it also allowed Developer to have a small description of why Facebook or whatever app wants to access my calendar or whatever. instead of just going "hey they want access to X, okie?" -- it'd just be good to know at least one of the reasons why.
Rating: 11 Votes
28 months ago
facebook is retarded, i hope there company fails but that doesn't look like it will happen. All people ever do is go on facebook, live on facebook its ridiculous. So many lives ruined because of that garbage
Rating: 10 Votes
28 months ago
Apple: "No more lawsuits, please?"
Rating: 10 Votes
28 months ago
Good move IMO. This will put an end to any apps leaking data and make users responsible for their choices.
Rating: 9 Votes

[ Read All Comments ]