Sooner or later, Apple may have to make more significant changes, says Ty Rollin, chief technology officer of Mobiquity, a large app development agency in Wellesley, Massachusetts. The existing design of iOS made what Path and others did “easy,” he says, and it doesn’t seem to safeguard personal data. Apple should add detailed privacy settings that provide fine-grained control over what different apps can do with the data on a phone, similar to those provided for Facebook apps, says Rollin. “That needs to happen to phones, too,” he says. “I don’t know why they’re taking this piecemeal approach now. Maybe they were trying to maintain this pristine interface.”
Apple has a reputation for tightly controlling what users can do with their mobile devices and for enforcing strict rules on which apps are permitted into the App Store. Yet in the case of Path, and some other apps, it did not seem to impose those rules. That is problematic, because Apple has chosen to rely on those rules to protect users from an app’s behavior, rather than on technical features built into iOS. Technically, an iOS app could access other personal data, including photos, music playlists, recently viewed videos, and a device’s unique IMEI identifier, which can be used for ad tracking. No one has yet reported that any popular apps improperly use that data, however.
Within the startup community, ready access to user data has been seen as a powerful tool, says Aza Raskin, cofounder of mobile health startup Massive Health. That perception may now change. “The more you know about someone, the better the feature set can be,” he says. “Privacy is sadly something that most people don’t think about [because] there isn’t enough consumer demand.” Path and others copied address books so they could inform their users when friends also joined and encourage more use of their social networks.
Apple’s aura of control may have convinced developers, security researchers, and users that personal data was being handled properly. “We’re seeing some of the disadvantages of a closed ecosystem,” says Raskin. “If that was a Web product, this would have been discovered long ago.”
Google takes the opposite approach with the Android Market. It doesn’t actively vet apps, but instead has built features into the operating system that make the data that apps can access transparent to a user. In practice, however, this may not provide much better protection than iOS does.
Although an Android user is asked to approve the data that an Android app can access, many people hurriedly tap “OK” rather than reading that list as they rush to try out their new app, says Adrienne Porter Felt of the University of California, Berkeley. She and colleagues are writing up the results of a study of how people handle Android app permissions. “Most people don’t pay attention to them. A small amount of people do, about 17 percent,” says Porter Felt. Studies on security warnings in browsers and on Microsoft Windows have shown that repeated exposure to such warnings dulls their impact.
There are 174 different types of permission that Android apps are required to ask for, says Porter Felt, compared to just two on iOS—for apps that want location access or that want to send push notifications.
Raskin of Massive Health says that Apple now has an incentive to develop a fundamentally new method of user privacy controls—one that does not bombard them with dialogs or present a complex panel of options. “This is something where they can really push the bar forward.”
Apple may be motivated by more than the bad press triggered by the Path case. Two members of the U.S. House of Representatives’ Energy and Commerce Committee wrote to Apple CEO Tim Cook yesterday to ask a series of questions about the access that apps can have to users’ contact data. The U.S. Federal Trade Commission has become increasingly interested in what tech companies do with user data in recent years, and it could conceivably decide that Apple has neglected its responsibility to protect users. Last autumn, both Google and Facebook agreed to 20 years of regular privacy audits by the FTC after the commission charged them, separately, with “deceptive” use of private data.