The Most Comprehensive Data Protection Solution

Discover, classify, and protect your data from all threats with the only Gartner Magic Quadrant DLP and Forrester Wave EDR Leader.

First and Only Solution to Converge:

  • Data Loss Prevention
  • Endpoint Detection and Response
  • User and Entity Behavior Analytics
DATAINSIDER

Digital Guardian's Blog

Apple Cracking Down on Apps That Share Location Data With Third Parties

by Chris Brook on Thursday May 10, 2018

Contact Us
Free Demo
Chat

Apple has reportedly begun removing apps from the App Store that share location data with third parties but fail to obtain a user's consent.

Apple is beginning to crack down on applications that send user location data to third parties without asking first.

Several app developers began reporting this week that their apps have either been removed from Apple’s store or rejected by the Cupertino company citing a lack of compliance with Apple’s data privacy rules, specifically because they transmit user location data to third parties without obtaining the consent of user first.

Apple is telling developers offending apps will be removed from its app store and not restored unless users remove "any code, frameworks, or SDKs that fall in line with the functionality." According to the letter sent to developers only after that code has been removed can developers resubmit their app for review.

Technically the legalese these apps appear to be violating is 5.1.1 and 5.1.2 of the company’s App Store Review Guidelines: "The app transmits user location data to third parties without explicit consent from the user and for unapproved purposes."

 

Blog Post

What does GDPR mean for you?

It's widely assumed - and probably safe to speculate - that Apple's move is in response to the looming spectre of the European Union’s General Data Protection Regulation, or GDPR.

Apple is reportedly already in the midst of working on a site that will allow users to download a copy of all the data they've shared with the company to comply with the Regulation. A report from Bloomberg in March said Apple planned to debut the site sometime this month, before GDPR goes into effect on May 25. The portal will reportedly also allow users to deactivate and completely delete their account.

Tags: Security News, Apple

Chris Brook

Chris Brook is the editor of Data Insider. He is a technology journalist with a decade of experience writing about information security, hackers, and privacy. Chris has attended many infosec conferences and has interviewed hackers and security researchers. Prior to joining Digital Guardian he helped launch Threatpost, an independent news site which is a leading source of information about IT and business security for hundreds of thousands of professionals worldwide.