Why Apple's iOS 6 Privacy Protection Will Backfire

The permission dialog boxes in iOS 6 will most likely result in less, rather than more, privacy protection for iPhone and iPad users.

People don't like it when apps surreptitiously steal personal information. Apparently Apple's primary concern is the "surreptitious" part, though, rather than preventing personal data from being leaked or collected. New dialog boxes in iOS 6 may protect Apple, but will do little to help users safeguard their privacy.

Earlier this year the proverbial "stuff" hit the fan when it was discovered that Path--a popular social networking app--was stealing contact info from the address books of the iOS devices it was installed on. That incident was followed by other revelations of privacy infringement, and congressional inquiries demanding stricter protection for users.

Apple responded to Congress with a statement claiming that a future release of iOS would change the process so that any app wishing to access sensitive data like contact information will require explicit user approval. That "future release", it seems, is iOS 6.

ZDNet's Ryan Naraine compared the iOS 6 permissions to Microsoft Windows, tweeting, "UAC comes to iOS."

As far as I'm concerned, UAC is a solid technology that does what it was designed to do. In my opinion, the negative publicity and backlash against UAC was more of a marketing or public relations failure on Microsoft's part than an actual issue with UAC. That said, I understand Naraine's comparison.

The problem with UAC--and with the new iOS 6 permissions--from the perspective of an average user is that it can be too overwhelming. People are inundated with pop-up alerts and dialog boxes requesting permission for this or that. They don't know enough to determine if the activity is legitimate or not, so they simply accept all requests.

Andrew Storms, director of security operations for nCircle, explains the crux of the issue in a blog post. "Instead of doing the difficult work of putting together a privacy policy that has some teeth or going after app developers already violating policies, Apple has basically decided to annoy their users by requiring them to click through a dialog box for just about every app on their phone."

Storms adds, "These dialog boxes are going to be like one of those whack-a-mole games--exactly the kind of thing users despise and ignore completely."

Obviously, if users simply approve all permission requests the result will be much less privacy and security rather than more. As Storms points out, this is purely a legal CYA (cover your "assets") move by Apple. If Apple wanted to protect iOS users, it would enforce stricter guidelines for app developers rather than making users jump through extra hoops.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.
Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tony Bradley

Latest Videos

More videos

Blog Posts