Archive

Apple rejected 215,000 iOS apps due to privacy concerns last year

Apple is talking up the efforts it makes to police the iOS App Store, revealing that during 2020 it rejected more than 215,000 iPhone apps for violating its privacy policies.

In a news release published on its website, Apple detailed an array of statistics of how it protected App Store users from being defrauded.

As Apple describes, a common reason why iOS apps are rejected from entering the store is because “they simply ask for more user data than they need, or mishandle the data they do collect.”

This concern has been brought into the spotlight recently by the release of iOS 14.5 which has required app developers to be more transparent about the types of data they might collect from users, and whether the information is used to track them or linked to their identity or device.

This requirement extends beyond the code written by the developers themselves, and includes any third-party code (such as advertising or diagnostic SDKs) which may also be collecting data.

Users can now easily refer to an app’s description in the App Store to see what data is being collected, and whether they are being tracked, before deciding whether they are comfortable installing the app or not.

Furthermore, iOS 14.5 and later can display a dialog asking whether you wish to grant an app permission to track your online activity, a technique used for a variety of purposes – including the delivery of personalised ads.

Note that you probably will not see Ask to Track notices if you have already configured your iPhone to disallow collection of identifier for advertisers (IDFAs).

Although some – most notably Facebook – strongly object to the new transparency about app tracking, groups such as the Electronic Frontier Foundation (EFF) have applauded the development describing it as a “great step forward,” and called upon Google to do something similar with Android.

Separately, claims that its policing of the App Store has protected its customers from “more than $1.5 billion in potentially fraudulent transactions, preventing the attempted theft of their money, information, and time.”

Highlights from the report include that Apple’s app review team rejected more than 48,000 apps for containing hidden or undocumented functionality, and that over 150,000 apps were refused entry to the iOS App Store because they were found to be “spam, copycats, or misleading to users in ways such as manipulating them into making a purchase.”

I don’t think anyone – even Apple – is claiming that the App Store is perfect, and that there are no dangers lurking there. But it is encouraging when the company shares statistics of the work it is doing to defend innocent users from privacy and security issues.

About the author

Graham CLULEY

Graham Cluley is an award-winning security blogger, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by companies such as Sophos, McAfee and Dr Solomon's. He has given talks about computer security for some of the world's largest companies, worked with law enforcement agencies on investigations into hacking groups, and regularly appears on TV and radio explaining computer security threats.

Graham Cluley was inducted into the InfoSecurity Europe Hall of Fame in 2011, and was given an honorary mention in the "10 Greatest Britons in IT History" for his contribution as a leading authority in internet security.