Apple quietly banned developers from selling and sharing users contacts in order to better protect users from developers who want to harvest their data or sell it to third parties. Previously, developers would ask for users’ phone contacts and sometimes then sold that data without the explicit consent of the users or their contacts.
The changes to the rules, which were made last week, explicitly state that developers are banned from turning address books into a database of contacts and from selling that database. They also can’t turn data into user profiles. Developers can still ask users for contact lists for use within their app, but they’ll have to tell users exactly what they’re going to do with the data. If they have more than one purpose in mind, they’ll have to ask for further consent.
Facebook came under fire in March for allowing a third-party developer to obtain the data of over 87 million people during the Cambridge Analytica fiasco. The timing of the new App Store rules seems to indicate Apple is trying to prevent similar data misuse from its developers. But the company can’t do anything about the data that’s already been collected and potentially sold by developers. And while Apple can remove apps from developers who violate these rules, it doesn’t have full control over what those developers choose to do with the data once it’s obtained from users, which is the same problem that Facebook ran into