After a week of confused coverage around which mobile app developers access user address books and how they do it, we are finally getting a product-level resolution. Apple says today (in time to beat back some inquiring congressmen) that it will start requiring developers to ask for explicit user permission in order to access these contacts.
The new interface, slated for its next iOS operating system release, will provide a permissions notification to users after they install an app, similar to how it currently requires users to approve location sharing or push notifications. This change will add some arguably unnecessary friction to users of apps that pull address books — and a lot of developers will be affected, as 11% of free iOS apps were accessing address books as of the start of last year, according to one research report.
Beyond technical fixes that developers should be implementing anyway, the solution means that users will now at least know what’s being shared. But the problem I have with Apple’s solution is that it looks like an inelegant knee-jerk response, not a carefully planned advancement in how it helps developers build better products for users.
The reason Path as well as Twitter, Hipster and others were uploading address books with user names, emails and phone numbers was because they were trying to help users find existing friends who were also using their services. It wasn’t about reselling this data to the Egyptian government, even if that was a distant hypothetical possibility.
Recent investigations by VentureBeat, The Next Web and The Verge revealed that in fact, dozens of popular apps were accessing address books. But here’s some less anecdotal data about the scope of the issue, from Lookout. The mobile developer provides an app for iOS, Android and other mobile platforms that finds malware and other security and privacy problems within apps that users are downloading by scanning apps across the entire ecosystem. So unlike most data sources it can see the big picture here.
At the beginning of 2011, it found that out of the hundreds of thousands of free apps on iOS, 11% were able to read contacts. The company doesn’t have updated numbers available yet for iOS this year, and it’s only providing percentages, but clearly address book accessing is way more prevalent than just the few dozen apps that people have looked at so far.
The same goes for Android. Lookout’s data from last year shows that 7.4% of free apps on the platform were accessing user contacts; this year, the company tells me it’s tracking 7.1% that do.
Android is in a bit of a different position here, though, because it requires explicit user permission for contact sharing with apps before they install it. That’s more transparent, but also adds some friction.
Which brings me back to what developers are trying to accomplish. Typically, they want to help friends find each other within a seamless user experience. In Path’s case, it lets you sign in with Facebook, your address book and other sites to cross-reference them for any Path user who you’re already friends with elsewhere. This makes the service more valuable for users, which is a good thing.
Apple should be working to enable this while protecting user data in a more nuanced way, rather than just throwing in another permissions dialog like what it says it’s going to do. Facebook provides a good example of how it could do that. The social network has had to figure out how to balance friend list sharing with maintaining a simple social interface as its platform has grown over the years.
Today, Facebook shows you which friends are using an app before you install it. Imagine if Apple did this for Path and every other app in the App Store, instead of Path having to grab your address book afterwards to do the same thing.
If you click to install an app on Facebook, its permissions dialog tells you explicitly that you’re giving the app access to your friends lists (not friends’ emails and phone numbers) by default. If you don’t want to share your friends lists with the app, you don’t install it. If an app wants to do other things, like automatically share back to Facebook on behalf of a user, it needs to ask for additional approval within another permissions interface. If a developers wants to ask any user to contact friends within the app — for inviting them to play a game or whatever — it requires them to do so separately later on within the app.
On top of building in a feature that shows you mobile apps that you have in common with other iOS users, why doesn’t Apple offer a single permissions interface that gracefully explains the various permissions that apps might want, not just friend list access, but location, push notifications, etc?
I think the answer has do with Apple’s poorly-received Ping social network in iTunes. The company, for all of its amazing successes with software and hardware, just hasn’t made social features a key part of how it thinks about the world. The address book fiasco shows that when it ignores key social features, it gets itself and its developers and users into privacy issues. For the sake of its users and developer community, now is the time for Apple to focus on getting social features right.