Apple is cracking down on iOS apps that share the location data of their users to third parties without explicit consent, 9to5Mac reported Tuesday.
Developers in violation of sections 5.1.1 and 5.1.2 of the App Store Review Guidelines will receive a notification informing them their app has been removed “upon re-evaluation.” The section Apple refers to states an app is infringing if it “transmits user location data to third parties without explicit consent from the user and for unapproved purposes.”
“Data collected from apps may not be used or shared with third parties for purposes unrelated to improving the user experience or software/hardware performance connected to the app’s functionality,” the guidelines also state.
Here is a look at the notification.
Apple finally decided to start enforcing guidelines on selling location data
— Thomasbcn (@Thomasbcn) May 7, 2018
via @jeromep1970 pic.twitter.com/YKAWfMBq35
If a developer wants their work reconsidered, they must remove any code, frameworks, and software development kits that collect and send user location information. Otherwise, the app cannot be resubmitted to the App Store. Once the changes are made, the app will be relisted, though it’s not clear whether it will be posted as new or keep its previous listing.
Apple’s revived efforts to remove apps that violate its terms comes less than three weeks before the General Data Protection Regulation (GDPR) goes into effect. The strict E.U. regulations put pressure on companies to uphold their user’s privacy. If a company fails to observe the rules, it can be fined 20 million euros or up to 4 percent of its annual global turnover. You can learn more about the GDPR in our write-up about why so many tech companies are changing their privacy terms.
In this case, the apps being taken down didn’t do a good enough job informing users about what their data is being used for. As part of the GDPR, companies must inform users about where their data ends up and have an “explicit and legitimate” purpose for processing information.
We currently don’t know how many apps have been affected, but the clampdown raises questions about how strict the mobile giant was in enforcing its privacy rules prior to the GDPR. There will be cause for concern if it’s determined a significant number of iOS apps failed to properly inform users that they were not only harvesting location data but also sharing it with other companies.
The Daily Dot has reached out to Apple and will update this article if we hear back.
H/T the Verge