Path privacy debacle: Is Apple to blame?

pathOn Tuesday, social networking app Path took a fireball of heat after a developer discovered that the latest version of its app automatically uploads users’ entire address book every time they logged into the network. Path co-founder and CEO Dave Morin quickly swooped in to do damage control, saying an update to the Android version of the app already requires users to opt-in, and the same change is coming soon for the iOS version.

Today, Hipster, a social photo app, got thrown into the grinder, after another developer discover that it, too, uploads portions of users’ address books in order to connect users with their friends. While Hipster doesn’t do this every time a user fires up the app, as Path does, it instead sends this information in a text file in an unsecured HTTP GET request. (Path uses the more secure HTTPS.)

So, why isn’t this post about Hipster also nabbing users’ contact lists without permission? Because it’s Apple — not Path or Hipster — that is allowing this to happen. The question is, was this simply a slip-up, or is the uploading of users’ contacts a practice allowed by Apple?

As any iOS app developer knows, Apple’s API for iOS lets any app access users’ address books and photos. This includes adding addresses to contact lists, and photos to the library, or importing this data into the app.

From the “Data Management” section of Apple’s iOS Technology Overview: “Data and media from iPhone are available to your application via safe, easy-to-use APIs. Your application can create new Address Book contacts and get existing contact info. Similarly, your app can load, display, and edit photos from the Photo Library, as well as use the built-in camera to take new photos.”

In many cases, the photo library portion of this is no big deal. The popular Camera+, for example, accesses the photo library to save new photos, or edit previously-taken ones. As does Instagram, and any other app that lets users take and save photos through the app.

Now, Apple states explicitly in section 17.1 of its iOS app guidelines that, “Apps cannot transmit data about a user without obtaining the user’s prior permission and providing the user with access to information about how and where the data will be used.”

It would appear, at first glance, that Path and Hipster both violated Apple’s guidelines. But a closer look shows that there may be a crack in Apple’s walled garden.

Basically, it all comes down to what Apple considers “data about a user.” Obviously, location data falls firmly into this category. But what about contacts? Do they qualify as “data about a user? We don’t know. But we have contacted Apple to clarify this matter, and will update this piece as soon as they respond.

All that said, blame still sits on the shoulders of the app developers who access users’ information without their consent — they are, after all, the ones who chose to add this feature without explicit user permission. But Apple is still at least partially responsible, either through negligence to properly vet these apps (and possibly many others), or by simply allowing this practice in the first place. Which one it is will determine how much burden Apple carries in this matter.

Wearables

Google's Wear OS update 'H' promises battery life improvements

Google has rebranded its Android Wear operating system to Wear OS. Removing the Android name may help people better understand Google-powered smartwatches, which also play nice with iOS devices. 
Music

How to convert and play FLAC music files on your iPhone or iPad

The high-resolution revolution is upon us, and FLAC files are a popular way to store hi-res sound. But what if you’re an iOS user? Check out our article to find out more about FLAC files, and how to use them on Apple devices.
Deals

The best iPhone deals for November 2018

Apple devices can get expensive, but if you just can't live without iOS, don't despair: We've curated an up-to-date list of all of the absolute best iPhone deals available for November 2018.
Deals

The best iPad deals for November 2018

In the wide world of tablets, Apple is still the king. If you're on team Apple and just can't live without iOS, we've curated an up-to-date list of all of the best iPad deals currently available for November 2018.
Mobile

You can now message businesses straight through Google Maps

Google has been updating Maps with a ton of new features over the past few months, and now it's back with another one -- the ability for users to message businesses directly through the Maps app.
Mobile

The Motiv smart ring is coming to 20 more countries and physical stores

Remember Motiv's activity tracking smart ring? It's back with a raft of new features that adds biometric identification and token authentication, all on a device that fits on your finger.
Product Review

With style and feature upgrades, Misfit's next-generation Vapor 2 gets it right

Misfit’s next-generation smartwatch, the Vapor 2, packs built-in GPS, a heart-rate sensor, and more, into a beautiful design that starts from $250. We take a closer look at the company's latest device.
Mobile

The best protective iPhone cases to defend against dirt, dings, and drops

If you’re going off-road or work outdoors, it could be a good idea to invest in a tough case. These are our picks of the best protective iPhone cases for all iterations of the iPhone, from the iPhone XS to the 7.
Deals

All the Best Target Black Friday deals for 2018

The mega-retailer opens its doors to the most competitive shoppers at 6 p.m. on Thursday, November 22, and signs indicate that the retailer means business this year. We've sifted through all of the deals, from consumer electronics to small…
Computing

The MacBook is smaller, the MacBook Air is faster, but which is better?

This year, Apple's MacBook Air got a powerful internal upgrade, but the redesign makes it slimmer and lighter. So should you get the MacBook Air over the MacBook? We'll compare both notebook's major features and help you decide.
Mobile

Best iPhone 7 Plus screen protectors to shield your big, beautiful display

Cracked screens are expensive to replace. Fortunately for you, we've rounded up what's available in terms of protection for Apple's large iPhone 7 Plus. Here are the best screen protectors you can buy.
Mobile

New sensor from L’Oréal tracks UV exposure to keep your skin safe from the sun

L'Oréal has announced a new wearable sensor that attaches to your clothing and can track ultraviolet light. The sensor uses NFC instead of Bluetooth -- meaning it doesn't need a battery to work properly.
Gaming

15 tips for keeping your vault-dwellers alive in ‘Fallout Shelter’

The wasteland can be an unfriendly place, if you don't know what you're doing. Here are 15 tips that will help your vault thrive in Fallout Shelter, including information on questing.
Computing

All the best Apple MacBook deals for Black Friday 2018

Shoppers looking for a new Apple laptop could find huge savings on a new MacBook come Black Friday. Retailers are offering discounts as much as $650 on select MacBook, MacBook Air, and MacBook Pro models this holiday season.