Researchers at SourceDNA, an analytics service that profiles the Apple and Android app stores, say they’ve found more than 250 iOS apps that violate Apple’s App Store privacy policy forbidding the gathering of e-mail addresses, installed apps, serial numbers, and other personally identifying information that can be used to track users, reports Ars Technica (http://tinyurl.com/op75nc9). However, Apple has noted the problem and taken action.
The apps “are significant because they expose a lapse in Apple’s vetting process for admitting titles into its highly curated App Store,” the article adds. They also represent an invasion of privacy to the one million people estimated to have downloaded the apps.
Apple has released the following statement confirming the SourceDNA findings:
“We’ve identified a group of apps that are using a third-party advertising SDK, developed by Youmi, a mobile advertising provider, that uses private APIs to gather private information, such as user email addresses and device identifiers, and route data to its company server. This is a violation of our security and privacy guidelines. The apps using Youmi’s SDK will be removed from the App Store and any new apps submitted to the App Store using this SDK will be rejected. We are working closely with developers to help them get updated versions of their apps that are safe for customers and in compliance with our guidelines back in the App Store quickly.”
