It’s only been a few weeks since the last major iOS privacy scandal. In case you were getting bored, a new, somewhat related controversy just started brewing thanks to reporting by Nick Bilton at The New York Times. This one comes three weeks after Path apologized for a privacy loophole that allowed developers to access users’ entire address book without their knowledge.
Not only can iOS apps access and upload one’s address book, but they can apparently do the same with the photo library on any iOS device, according to the Times.
That’s right. For whatever reason, Apple has made it possible for developers to upload your entire collection of personal photos to their servers, without necessarily making it clear that that’s happening. To be fair, no real-world examples of this have been uncovered, but it is very possible from a technical standpoint.
To demonstrate, the Times asked a developer to build a fake application that replicates this behavior and sure enough, it worked. Granted, this demo application was never submitted to Apple and thus never put through the thorough approval process the company employs. Still, as many developers know, Apple’s historically strict process for approving apps seems to have been relaxed somewhat, as bogus apps have occasionally been able to find their way into the iTunes App Store.
Apple’s Walled Garden: A Blessing in Disguise?
Even if it has become more lax lately, the App Store is still harder for developers to get their apps into than, say, the Android Market. If no major privacy exploits have unfolded as a result of this loophole, it’s because Apple is so notoriously strict about what lands in its app store.
That characteristic is something that is sometimes criticized by developers and more tech-savvy consumers, who view Apple’s ecosystem as more walled-off and restrictive than it needs to be. As much merit as those arguments may have, it appears that by occupying the opposite, more radically open end of the spectrum, Apple would be inviting potentially serious privacy and security exploits onto its platform.
As is so often the case, Apple has declined to offer any comment on the issue, at least until it blossoms into a bigger controversy.
There are certainly legitimate reasons why an application would need to access certain data about one’s photos, such as location information. However, why a developer would actually need to upload photos from somebody’s library to a remote server is unclear. Photo-sharing apps like Instagram and Hipstamatic only need to share the images passed through the app itself. If a user wants to apply an Instagram filter to an older photo sitting in their library, they can do that on a per-photo basis.
Of course, the natural concern for users here is that not every photo they snap with their phone is something they’re willing to share publicly, or with anybody else at all. As smartphones have proliferated and their cameras have become more powerful, they’ve begun to replace point-and-shoot cameras and simple camcorders for many consumers. They’re used for photos intended for Facebook and Instagram, but they’re also used to casually photograph family events and, one must presume, much more intimate subject matter.
The most obvious solution here would be either to remove the functionality or to tighten the restrictions around its use, so that users are clearly notified should this feature ever need to be utilized.
Last year, Apple made headlines when it was revealed that the iPhone was keeping a record of users’ physical whereabouts in an unsecured file on the device.