Apple has started removing apps from the App Store that violate the company’s policies by sharing location data with third parties without explicit consent, reports 9to5Mac. The breaches are related to sections 5.1.1 and 5.1.2 of the company’s App Store Guidelines, which say that apps must not transmit “user location data to third parties without explicit consent from the user [or] for unapproved purposes.” Developers that have violated the company’s guidelines have received notices from Apple, informing them that their apps are not in compliance “upon re-evaluation.” 9to5Mac notes that the apps affected haven’t provided enough clear information to users about what happens to their data after it’s collected.
Apple’s clampdown seems to be related to the General Data Protection Regulation, which comes into effect on May 25th in Europe. Under the new rules, technology companies will need to obtain explicit and informed consent from a person they’re collecting personal data from. That means apps might need to ask for consent to your data more often, or highlight how they’re using your data in clearer ways.
In the notices sent to affected developers, Apple says those who want to reinstate their app must remove any code, frameworks, or SDKs that relate to location sharing with third parties, and resubmit the app for a review. Once approved, the app will be relisted on the App Store. Apple’s guidelines also state that, “Data collected from apps may not be used or shared with third parties for purposes unrelated to improving the user experience or software/hardware performance connected to the app’s functionality.”
Apple finally decided to start enforcing guidelines on selling location data
via @jeromep1970 pic.twitter.com/YKAWfMBq35 — Thomasbcn (@Thomasbcn) May 7, 2018
It’s unclear how many developers or apps are affected by the recent clampdown. We’ve reached out to Apple for further comment and will update this post if we hear back.
RootbeerFlotilla on May 9th, 2018 at 15:24 UTC »
How do they determine 3rd party, I wonder. Can my app still send location back to my server?
mostlyemptyspace on May 9th, 2018 at 14:55 UTC »
My company was approached by a company called Tamoco who does exactly this. They offered us about $2k per month to install their SDK in our app which passively sends location data to them. We said no, but it seemed like they were doing very well and had hundreds if not thousands of clients. It actually made me go uninstall any apps I wasn’t using because I have no idea how many of my apps are using services like this.
redditsoaddicting on May 9th, 2018 at 13:44 UTC »
I wonder how ad SDKs are going to respond.