Apple Questioned On iPhone App Privacy Policies

By | Feb 17, 2012

iPhone users think twice before downloading apps--you may be inadvertently allowing a third-party access to your business contacts. This week Apple found itself under fire from the U.S. House subcommittee on Commerce, Manufacturing and Trade for its policy--or lack there of--when it comes to iOS app developers seeking permission to gain access to their users' list of contacts. Forbes reports that this investigation comes directly on the heels of blogger Arun Thampi's recent discovery that the photo-sharing, social networking app Path was uploading users' address books to their server without their knowledge. Though Path claimed that it was uploading address books so that it could help users find friends and family on their network, this breach brings up many questions about how apps use personal data.

In an age when more and more users are syncing their many technologies, this gray area, if not dealt with, could be a detriment to businesses and their employees. Syncing your phone to your work computer and then downloading an app that accesses all of your data could compromise not only personal privacy, but your company's privacy as well. Businesses could potentially see an uptick in email spam and be at risk for malware.

How does Apple plan on solving the issue? All Things D reports that Apple has decided to go the route of Android and include a request for permission for user's contacts before apps are installed. But this solution doesn't completely eradicate the issue. If you decide to deny permission, you can't install the app. If you agree, it's still unclear about where and how your contacts are being used by third parties.

It also doesn't address the larger issue, which is what qualifies as data about a user. This is not the first time Apple has come under fire by the U.S. subcommittee. In 2010, their smartphone apps were shown to be transmitting personal data as well as location information. If the computer giant is smart, it will take this recent address book debacle as an opportunity to come up with better guidelines for app developers, so that they don't find themselves in this predicament again.

Until then, it's important for businesses and their employees to be aware of the risk of downloading apps on smartphones. No one wants their privacy breached. However, in light of current events, it seems almost impossible to completely protect your information when technology is changing at such a rapid rate. The best solution is to stay informed.

This post was written as part of the IBM for Midsize Business program, which provides midsize businesses with the tools, expertise and solutions they need to become engines of a smarter planet.

IBM Solution Security & Resiliency

IBM IT security expertise can help medium-sized businesses develop, implement and maintain comprehensive strategies to combat ever-evolving security threats without increasing complexity, cost, or resources required for administration.

Learn More »

More on This Topic

Three Security Concerns for 2016

By Allan Pratt on Dec 4, 2015
As we near the end of 2015, what will 2016 look like in the information security sector? Undoubtedly there be an increase in data breaches across all industries, but will businesses take the high road and inform their customers and ...