Apple has made changes to its App Store Review Guidelines that affect the way developers collect user data for use in advertising profiles, or building contact databases. The alterations are all found under section 5.1.2 of Apple’s guidelines.
The changes specifically state:
- Apps should not attempt to surreptitiously build a user profile based on collected data and may not attempt, facilitate, or encourage others to identify anonymous users or reconstruct user profiles based on data collected from Apple-provided APIs or any data that you say has been collected in an “anonymized,” “aggregated,” or otherwise non-identifiable way.
- (Do not use information from Contacts, Photos, or other APIs that access user data to build a contact database for your own use or for sale/distribution to third parties, and don’t collect information about which other apps are installed on a user’s device for the purposes of analytics or advertising/marketing.
- Do not contact people using information collected via a user’s Contacts or Photos, except at the explicit initiative of that user on an individualized basis; do not include a Select All option or default the selection of all contacts. You must provide the user with a clear description of how the message will appear to the recipient before sending it (e.g. What will the message say? Who will appear to be the sender?).
The changes can be seen in the online version of Apple’s guidelines here. It stops developers from collecting data for user profiles, which some may go on to sell or misuse, a problem which is directly related to the recent Cambridge Analytica and Facebook scandal. If developers break the rules, they risk being banned from the App Store.