A recent New York Times article — Apple Loophole Gives Developers Access to your Photos, highlighted an iOS privacy concern that ProCamera would like to address.
As one of the leading iPhonegraphy apps, ProCamera is aware of the importance of respecting its users’ privacy. Further, the team at ProCamera would like to go on record as saying that the photos/videos and data you capture via ProCamera app and maintain in your media library, are yours, are kept private, and are not viewed, saved, downloaded, moved to remote servers, or otherwise misued by ProCamera.
For those who want even more certainty, ProCamera has provided a way to use ProCamera without granting access to your “location data.” More on that later.
The iDevice privacy controversy gained traction after the New York Times hired an app developer to create “PhotoSpy” (never submitted to the App Store). PhotoSpy, a ‘test’ app, was able to collect photos and location info from an iPhone; “When PhotoSpy was opened, it asked for access to location data. Once this was granted, it began siphoning photos and their location data to a remote server.”
The PhotoSpy ‘dummy’ app was able to surreptitiously copy an iPhone’s photo library, but only after it was given permission (“OK”) to access the user’s location data. The user (iPhone owner) was not alerted that granting access to “location data” could enable PhotoSpy, or other such nefarious app developers, to misuse the iPhone owner’s private data.
The undisclosed and expanded use of location data is at the crux of the privacy concerns highlighted in the NYT article. One key thrust was the need for developers to be honorable and for Apple’s App Store Team to “inspect what they expect” when reviewing and approving apps. Hence, the NYT suggests the onus is on both developers and Apple to maintain user privacy and to screen out any apps that misuse location data or otherwise abuse users’ right to privacy.
Now back to some specifics when it comes to ProCamera. The overwhelming majority of ProCamera users want to be able to access their media library for viewing and editing in our app (using ProCamera’s – ProLab, ProCut, ProFx). ProCamera follows Apple’s lead by using your iDevice Location Services. Once permission is granted by the user– Location Services turned ‘on’ in your iDevice settings– ProCamera is able to tie-in a user’s media library with our Quick Flick Album. Location Services is the way Apple secures location information within photos. But as this is an intricate matter, Apple solves this by denying access to the media library if the user disables Location Services (turned ‘off’ in settings).
As required by Apple, ProCamera must have Location Services turned ‘on’ to enable use of ProCamera’s Quick Flick Album. However, if for any reason, a user is simply not comfortable enabling Location Services, we do offer another option. With Location Services turned ‘off,’ a ProCamera user can still access the ‘old’ (1st gen) ProCamera photo album. This flexibility is the reason why ProCamera has maintained two photo albums:
- ProCamera’s new Quick Flick Album
- ProCamera’s original (1st generation) “one-photo-at-a-time” Photo Viewer
NOTE: If the user disables Location Services, Apple requirements would not allow ProCamera app users unfettered access to all of the photos in your media library. You can only pick one picture/video at a time with a component called “UI-Image Picker Controller.” Consequently, we do recommend users opt to access our Quick Flick Album.
The bottom-line … ProCamera users can rest assured that, no matter how you choose to use our app, we will always respect and maintain your right to privacy.
For those who might expect there to be a further ‘tightening up’ in the use of location data to prevent misuse by unscrupulous developers … you would be right. Apple took note of the NYT PhotoSpy test controversy and according to Tech Blogger Joshua Topolsky, will soon be implementing new security protocols;
We spoke to sources familiar with the situation, and were informed that a fix is most likely coming for the loophole. According to the people we talked to, Apple has been made aware of the issue and is likely planning a fix with an upcoming release of iOS. Those sources also confirmed that the ability to send your photos and videos to a third-party is an error, not an intended feature. If we had to guess, the fix will likely come alongside a patch for Apple’s other recent security issue — the ability for apps to upload your address book information without warning.