Apple Starts Removing Apps That Share Location Data With Third Parties

Apple has stepped up its policy of removing apps from the App Store that violate its guidelines by sharing location data with third parties without explicit consent.

As noted by 9to5Mac, Apple appears to have ratcheted up its software scrutiny in the last few days by informing affected developers by email that upon re-evaluation, their app violates two sections of the App Store Review Guidelines and will therefore be removed from sale:

Apple finally decided to start enforcing guidelines on selling location data

via @jeromep1970 pic.twitter.com/YKAWfMBq35
— Thomasbcn (@Thomasbcn) May 7, 2018

Legal - 5.11 & Legal 5.1.2
The app transmits user location data to third parties without explicit consent from the users and for unapproved purposes.

Apple's contention is that the apps in question don't provide enough clear information to users regarding what their data is used for and how it's shared once it's been collected. There also seems to be concern that the data collection isn't specifically for improving the user experience or enhancing app performance.

The company's retrospective action is likely related to General Data Protection Regulation (GDPR), which sets the rules for how businesses manage and share the personal data of customers.

GDPR is a European Union rule to protect EU citizens, but as with its website cookie consent policy, basically every company with an online presence is affected by the law. An updated version of the GDPR goes into effect on May 25 to underline this applicability. Interested readers can find a summary of the key changes to the regulations here.

Tag: App Store

Top Rated Comments

(View all)

nwcs

10 months ago

Good, that is a shady practice of those apps in any case. What might spur more action is if Apple could let us know if we have already downloaded such apps so that we can make an informed decision to continue using them while an update may or may not be provided.

Rating: 18 Votes

keysofanxiety

10 months ago

Fantastic news. Apple's view on privacy is getting more staunch as time goes on. Normally it's the other way around.

Rating: 16 Votes

Stella

10 months ago

Good.

But Apple should be consistent with applying its rules. They shouldn't have been there in the first place.

GDPR, while for EU citizens, also benefits non-EU citizens. Excellent.

Rating: 8 Votes

nnoble

10 months ago

Hopefully these initiatives by Apple will continue. As individuals we haven’t got a hope of avoiding app developers who aim to deceive.

Rating: 7 Votes

bluecoast

10 months ago

I had no idea that Apple even allowed apps to do this in the first place. I guess I was pretty naive and trusted them to do the right thing.

Since the Facebook controversy and looking into GDPR, here in Europe, I'm really shocked as to how much our data is unprotected and used for all sorts of reason, without our direct consent being given.

I hope that Apple really doubles down on privacy with iOS 12 and makes it its key feature. Here's hoping.

Rating: 6 Votes

Sasparilla

10 months ago

Nice to see this. Would have been nicer to have bounced these guys before, but better late than never.

BTW Apple, we'd really like to know who was violating this. ;)

Rating: 3 Votes

Starlights

10 months ago

Why hasn’t Facebook been removed from the App Store then?

You as a user can choose to remove it from your phone. ( I did, from all devices)

Rating: 3 Votes

RobaxMan

10 months ago

Apple acknowledges tracking iMessage metadata and sharing it with law enforcement

In a document about Apple's iMessage system obtained by ('https://theintercept.com/2016/09/28/apple-logs-your-imessage-contacts-and-may-share-them-with-police/') The Intercept, the Florida Department of Law Enforcement's Electronic Surveillance Support Team noted that when users enter a phone number into iMessage, metadata is periodically uploaded to Apple servers to check whether a text should be routed through iMessage or standard SMS. This material includes not just phone numbers but the date and time of the lookup, and the querying user's IP address.

While the data doesn't include message contents, or even reveal when conversations happened, it could potentially be used to identify who a person is associating with, and/or trace an IP address back to a real-world location.

Responding to The Intercept, Apple acknowledged the data collection, saying that it retains logs for 30 days and hands them over when served with a valid legal request. Because these orders can sometimes be extended in 30-day blocks, though, it's possible that some people are being tracked for longer durations.

"When law enforcement presents us with a valid subpoena or court order, we provide the requested information if it is in our possession," Apple said in an official statement. "Because iMessage is encrypted end-to-end, we do not have access to the contents of those communications. In some cases, we are able to provide data from server logs that are generated from customers accessing certain apps on their devices. We work closely with law enforcement to help them understand what we can provide and make clear these query logs don't contain the contents of conversations or prove that any communication actually took place."

https://appleinsider.com/articles/16/09/29/apple-acknowledges-tracking-imessage-metadata-and-sharing-it-with-law-enforcement

Rating: 3 Votes