Apple has taken a lot of public hits for their weak data privacy approach for iPhone and for iPhone apps.
In February we found out Path was uploading users’ address books to a server without asking for permission.
Later the same month researchers working with the New York Times found third-party developers could access users’ iPhone, iPod Touch or iPad photos after exploiting an iOS location data loophole.
Of course, this has been going on for much longer than that. Late in 2010 the Facebook iPhone app silently uploaded all your contact numbers into Facebook. In 2011 we found out that Apple was storing GPS data and storing it on your phone.
The Path disclosure ruffled some Congressional feathers and U.S. Congressmen Waxman and Butterfield sent a letter to Apple asking for a 'clarification' of the company’s data collection policies. Apple soon decided that “any app wishing to access contact data will require explicit user approval in a future software release.”
So, now we have a classic Apple response to these privacy issues. iOS6 has a new 'permissions' dialog box that asks the user to grant explicit approval to an application that wants to access personal data like contacts and calendars.
Ryan Naraine compared the user experience of this approach to Microsoft's UAC; that seems pretty apt. I don't have any hard data about UAC, but the majority of people I've seen interacting with UAC have one of two responses: either they turn it off or just always click 'OK' without reading the dialog box.
This approach adds no value to Apple users, it's nothing but a CYA for Apple lawyers.
Here's what the dialog box should really say:
In reality that dialog box should say something like please hit OK now so some company can steal all your personal data and share it with third party marketing companies and who knows who else.
Lets face it, Apple knows full well you would rather be shooting pigs with birds than worrying about your privacy.
*Graphics courtesy of our talented graphics guy. Not actual screen shots.