Apple responded today to the contacts-sharing issue with a statement indicating it plans to put some form of a setting on contact data that would allow users to control who views the data, similar to the way Apple locks down location data.
“Apps that collect or transmit a user’s contact data without their prior permission are in violation of our guidelines. We’re working to make this even better for our customers, and as we have done with location services, any app wishing to access contact data will require explicit user approval in a future software release.”
Congress became involved and probably motivated the move, but the legislative body is not going to like what it hears.
The problem is that iOS apps not only have access to a user’s contacts database (including addresses and notes), but apps also have full and unencumbered access to everything in the iOS app sandbox, such as pictures, music, movies, calendars, and a host of other data. Any of this content is literally open for developers to freely transmit to their own servers while apps are open.
(note that pictures with geotags will pop up a Location dialog which can be averted in code with some well known tricks)
Moreover, approved apps also have access to the iPhone’s camera and microphone, so apps can also take pictures and make recordings without permission (although, this would be easy to detect by the user with the light from the front camera or red bar during audio). Photos, videos, and audio are transmittable securely or insecurely up to servers that you and Apple do not know about.
To developers, this is no big secret. It is not trivial, but putting that kind of functionality into an app is straightforward and only uses Apple’s publicly available and blessed developer APIs (which means this stuff will not likely be detected by Apple’s App Store approval process).
Obviously, shady developers and even government entities are probably already using such apps to gather information. Therefore, these are some scenarios: