Following TechCrunch’s report that certain iOS apps are using technology from a company called Glassbox to record everything a user does within the app, Apple has started telling app developers that they either need to disclose this to users or face getting banned from the App Store.
“Our App Store Review Guidelines require that apps request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity. We have notified the developers that are in violation of these strict privacy terms and guidelines, and will take immediate action if necessary,” an Apple spokesperson told TechCrunch.
The investigation by TechCrunch and App Analyst discovered that many popular apps, including Air Canada, Expedia and Hotels.com, are using Glassbox’s tech without disclosing it to users. Furthermore, in some cases these apps appear to transfer sensitive user data without masking or encrypting it.
According to TechCrunch, Apple is telling developers via e-mail that apps “must request explicit user consent and provide a clear visual indication when recording, logging, or otherwise making a record of user activity.” The company has reportedly given developers less than a day to remove Glassbox’s code from their app and resubmit it. Otherwise, the app would be removed from Apple’s App Store.
In an email, a Glassbox spokesperson told Mashable that the company’s goals are “to improve online customer experiences and to protect consumers from a compliance perspective.” The company says it’s a strong supporter of user privacy and security, that it “meets the highest security and data privacy standards” and that it provides its customers (the app developers) with tools to mask “every element” of personal data. Furthermore, Glassbox says it believes its customers should have “clear policies in place so that consumers are aware that their data is being recorded.”
If Glassbox is to be believed, the problem lies mainly with some of the app developers who use its tech, firstly because they don’t disclose it to their users, and secondly because they haven’t implemented it correctly. In any case, it’s good that Apple is cracking down on irresponsible use of this technology.
We’ve reached out to Apple and Glassbox for further comment and will update this article when we hear from them.