Apple Inc on Wednesday said application developers would have to get express permission from users before tapping into contact information stored in its popular gadgets, in a move to address privacy concerns.
The maker of iPhones, iPads and iPods made its position clear after two US lawmakers asked the California-based company whether apps running on the company’s devices might be accessing private data without asking users.
“Apps that collect or transmit a user’s contact data without their prior permission are in violation of our guidelines,” Apple spokesperson Tom Neumayr said in an e-mail. “We’re working to make this even better for our customers and as we have done with location services, any app wishing to access contact data will require explicit user approval in a future software release.”
US representatives Henry Waxman and G.K. Butterfield sent a letter to Apple chief executive Tim Cook following reports that social networking app Path collected and stored address book information without explicitly asking for a user’s consent.
“This incident raises questions about whether Apple’s iOS app developer policies and practices may fall short when it comes to protecting the information of iPhone users and their contacts,” they said.
In a blog post last week, Path co-founder and chief executive David Morin apologized for uploading users’ address book information without asking for permission.
“We made a mistake,” Morin said. “We are deeply sorry if you were uncomfortable with how our application used your phone contacts.”
Path released updated applications modified to ask users whether they would like to opt in or out of letting the service use personal contact lists to help them connect with friends or family at the social network.
Apple shares, which soared past the US$500 mark on Monday, lost 2.31 percent on Wednesday to close at US$497.67.
Separately, Google Inc on Wednesday assured users of its smartphone wallets that the mobile-age technology thwarts thieves better than old-school cash or credit cards.
“Mobile payments are going to become more common in the coming years and we will learn much more as we continue to develop Google Wallet,” Google payments vice president Osama Bedier said in a blog post. “In the meantime, you can be confident that the digital wallet you carry provides defenses that plastic and leather simply don’t.”
A Google Wallet feature that lets people load prepaid card information in smartphones for spending was re-activated this week after being shut off for a few days to fix a potential security vulnerability.
“While we’re not aware of any abuse of prepaid cards or the Wallet PIN resulting from these recent reports, we took this step as a precaution to ensure the security of our Wallet customers,” Bedier said.
The action from Google came after a Zvelo Labs researcher demonstrated software that quickly figures out a Wallet PIN, provided the crook has the smartphone.
The researcher dismissed the threat of hackers picking Google Wallets remotely, saying that physical access is needed to get priority access to controls in a process kn ow as “rooting.”
Security specialists advise Google Wallet users to enable security features such as full-disk encryption and screen locks.
Google Wallet is available only on the Nexus S and Galaxy Nexus smartphones, which Google developed with Samsung Electronics Co. Google plans to expand the feature to more Android phones.