Weeks ahead of the European Union’s enforcement of the General Data Protection Regulation (GDPR), Apple is removing iOS apps from the App Store if they’ve been giving location data to third parties without explicit consent, a new report says.
According to 9to5Mac, Apple has emailed multiple developers to inform them that their apps were discovered to be violating sections 5.1.1 and 5.1.2 of its App Store review guidelines, which are concerned with apps that send “user location data to third parties without explicit consent from the user and for unapproved purposes.” Apple is also pushing developers not to share user data for reasons other than “improving the user experience or software/hardware performance connected to the app’s functionality.
There are two clear concerns: Transparency about sharing data, and restricting data sharing to limited purposes. As enforcement of the GDPR looms in Europe, Apple has drawn a clear line across regions that iOS apps need to get explicit permission from users to share data, explain what it’s used for, and provide access to information on where and how the data is shared. The company also added new data privacy disclosures to iOS 11.3, including a conspicuous sharing icon and screens to indicate when an Apple app or feature wants to use personal information.
It’s unclear how widespread Apple’s initiative is, but in addition to one public tweet, 9to5Mac says that multiple developers have privately reached out to confirm that their apps have been pulled. Offending developers are being allowed to resubmit their apps after removing violating code.