Since iOS 6, Apple has required apps to get explicit user permission before accessing personal data and device information, with iOS 8 now allowing users to determine whether they want apps to keep using location data.
Apple's original move to require apps to ask for permission came in 2012 after it was discovered that apps such as Path were uploading users' address books without asking for authorization. While Path eventually deleted the information, a pair of U.S. Congressmen sent a letter to Apple asking for information on specific data collection policies, causing Apple to make changes.
Since then, Apple has made a number of moves to better comply with concerns over privacy, which include adding the ability to report apps that do not comply with privacy requirements and asking iOS users if Location Services should be enabled during setup.