Apple Tells App Developers To Disclose Or Remove Screen Recording Code

An anonymous reader quotes a report from TechCrunch: Apple is telling app developers to remove or properly disclose their use of analytics code that allows them to record how a user interacts with their iPhone apps -- or face removal from the app store, TechCrunch can confirm. In an email, an Apple spokesperson said: "Protecting user privacy is paramount in the Apple ecosystem. Our App Store Review Guidelines require that apps request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity." "We have notified the developers that are in violation of these strict privacy terms and guidelines, and will take immediate action if necessary," the spokesperson added.

It follows an investigation by TechCrunch that revealed major companies, like Expedia, Hollister and Hotels.com, were using a third-party analytics tool to record every tap and swipe inside the app. We found that none of the apps we tested asked the user for permission, and none of the companies said in their privacy policies that they were recording a user's app activity. Even though sensitive data is supposed to be masked, some data -- like passport numbers and credit card numbers -- was leaking.

"Screen recording"

[Dan+East]

And once again the misnomer "Screen recording" is being used inaccurately in the headline to draw more attention. "Screen recording" is a phrase that has a specific meaning, and there is no screen recording going on. I don't feel like typing it all again... https://slashdot.org/comments....

(I'm not condoning or defending this practice, but just clarifying that the screen is not literally being recorded and streamed as video)

Sure, that will solve the problem

Did you know that every app in the App Store is required to link to a privacy policy if it records data? If you did, do you know how to find that link?

It's in the "information" box that is helpfully hidden way at the bottom - but not all the way at the bottom - of an app's page on the App Store. If you scroll to the bottom you won't see if because you'll have gone past it.

So all this is going to do is make the apps doing this add it to that privacy policy most people probably aren't aware even exists because it's hidden below the "app compatibility" and "supported languages" sections.

Experienced something similar as a developer

[cerberusss]

I'm an app developer and years ago, started with an app in the App Store and included one of those free analytics libraries. It's quite useful, you get the crash reports coming in as they occur in the field. At some point, I was very proud to have solved nearly all crashes.

Then I felt like people needed to be able to opt out. So I built a screen with a simple checkmark, and looked at their API to turn off data collection. Turns out, it's not there. To opt out as a user you needed to go to a web page, and fill in your email adres. I thought to myself, what? What the fucking what? How can you relate crash reports with an email address? Then I realized that's what free means. I should never have started with it.

Note: this was in 2012/2013, and as a starting iOS developer, I was pretty naive. First of all I should've built my own light weight crash reporter. Second of all, it should've been opt-in.

I've tried Localytics, Crashlytics and Flurry. They all have severe privacy problems in my opinion. I have simply removed them from my app, because I kept feeling bad for my users.