Apple rejecting iOS apps that access UDIDs as privacy probe intensifies

Apple (NASDAQ:AAPL) reportedly has begun rejecting iOS applications that access unique device identifiers [UDIDs] in iPhones and iPads, a move that coincides with mounting lawmaker interest into how mobile apps collect and use consumer data.

Apple first warned iOS developers in August 2011 that it would limit their access to UDIDs (alphanumeric strings unique to each Apple device), stating on its website that UDID access "has been superseded and may become unsupported in the future." At that time, Apple stated developers may still create identifiers unique to each individual application. TechCrunch reports Apple began reaching out to some developers a few weeks ago urging them to halt their reliance on UDIDs, and is now aggressively rejecting new apps submissions that incorporate UDID use.

"Everyone's scrambling to get something into place," said Victor Rubba, CEO of Fluik, the Canadian developer behind mobile games like Plumber Crack and Office Jerk. "We're trying to be proactive and we've already moved to an alternative scheme." Mobile game promotions platform Playhaven also told TechCrunch that several of its developer partners have received App Store rejection notices within the last week, with CEO Andy Yang recommending that developers consider supporting multiple ID systems until there's a clear replacement.

The TechCrunch report adds that Apple is currently directing two of its 10 App Store review teams to summarily reject any app submissions that access UDIDs; that number will soon increase to four teams, and will continue to grow until all 10 teams are dismissing apps that continue to leverage UDIDs.

Developers and social gaming platforms have relied on UDIDs in iOS devices to collect personal data about consumers, even building detailed profiles outlining how they use applications. Mobile advertising networks have also depended on UDIDs as a campaign targeting tool, tracking consumers from app to app to determine how, when and why they respond to campaigns. "The UDID is essential for managing the conversion loop," said Jim Payne, CEO of real-time bidding platform MoPub. "All the performance dollars that are spent on mobile are going to impacted by this not being there."

Last week, U.S. Representatives Henry A. Waxman (D-Calif.) and G. K. Butterfield (D-N.C.) mailed letters to Apple and 33 iOS developer partners including Path, Facebook, Twitter, Pinterest, foursquare and LinkedIn to determine how iOS apps gather user data, what they do with it and what notices they provide to consumers. According to a U.S. House Committee on Energy & Commerce statement, lawmakers want the information to begin building a "fact-based understanding of the privacy and security practices in the app marketplace." Developers have until April 12, 2012 to respond.

The letters follow the recent discovery that some iOS apps can upload entire address books to their servers, complete with names, telephone numbers and email addresses. Last month, Apple said it would upgrade its software so that developers can only access users' contact data after receiving explicit permission to do so. Apple made the announcement after the Path application came under fire for collecting and storing user contacts.

For more:
- read this TechCrunch article

Related articles:
Facebook, Pinterest among 33 iOS developers targeted in app privacy probe
Facebook, Apple targeted in mobile app privacy class action suit
Lawmaker urges FTC to probe iOS, Android privacy breaches
Report: Apple loophole gives iOS developers access to user photos
Apple, Google consent to mobile app privacy accord
Apple phasing out developer access to UDID tracking with iOS 5