http://www.pcpro.co.uk/news/security/36 ... nformation


I do hope that the EU do something to stop this.

Although it's terrible, this sort of thing has been happening for years on the desktop...

Yes that is just as bad. While some people give their personal data away like confetti, some hate the idea of it being taken without their permission. I do hope that the EU does something about this. Fining Apple for allowing it to happen and not allowing users to block such data losses. At least Apple can afford a huge fine. That will send a huge signal to everyone else and for app developers if the fines are large enough to stop this it will ripple across all platforms, very rapidly.

Is it Apple causing the data loss, or the app developers? I’d say go for the app developers as they are doing the deed.

I'd say go for Apple. As they check all apps for "quality" and approve all apps before the public can get to them.

This, because of the store. After all, if I buy something from Tesco then it's Tesco I'd take it back to, not the manufacturer.

Plus it is Apple's hardware that it is being used on.

Apple could be involved for contributory negligence but it would be relatively easy suit to get dismissed - they could simply say they don't legally guarantee the safety of apps and make all reasonable efforts to ensure the apps in the site are valid, but they don't catch everything and they never could. And that as soon as they're notified that an app is infringing they remove it. Most courts would accept that as a defense. The only people you'd stand a reasonable chance of getting to court are the app makers. And if they are in, say, China you'd be utterly wasting your time there as well.

Yes but Apple could recover the sale proceeds from the developers. Personally if Apple put a system in place that blocked such leakages within the OS then it would not be an issue and they could remove any apps that leaked until they reapplied for approval.

That makes no difference. If an application running on a Windows machine leaked data, then that would mean that any manufacturers of hardware it could run on are liable.

No - the app writer is ultimately responsible. Apple could only be deemed responsible if it's checks included such things. I don't believe that they do. Apple's checks are for UI compliance, properly compiled and signed code, etc..

Yes but the first port of call should be Apple. I do see your point though. The problem is that app developers will do it if they can get away with it. Imagine if malware writers deliberately wrote proper apps that do exactly what they are supposed to do but also send your private data to some data thief. In which case the app developer will probably be long gone by the time the lawyers appear. Apple still need to do something as well. Though it does not mean that they are completely in the clear. Don't forget that I am a mac user but am more than willing to give Apple a hard time if they do something wrong. Same for Microsoft. Apple should at least give the user much more control over the data that is taken, even on a app by app basis. Once they do that then any problems will be down to users and app developers, with Apple in the clear in that they are doing as much as is reasonable.

With all due respect just because you keep saying it doesn't make it true. it would be an utterly pointless and expensive waste of money to start legal proceedings against Apple.

No you could ask Apple to disclose the details of the developer. No need for legal proceedings in that case.

Hm, I think it could be fought in Court either way TBH. The very fact that Apple has an "approval process" for Apps. is what distinguishes it from other hardware manufacturers. By retaining total control over what may be installed on an iPhone, Apple may very well have made themselves liable. Unless they have a complete due diligence system, I'm not convinced they could waiver liability just by stating so in the Terms & Conditions.



£50 in the County Court...

They absolutely can. Companies do it all the time. One of the basic functions of T&C is to establish limited liability on the part of one or other party. The T&C will essentially say 'we will do our job and follow our procedures and you agree that's good enough'. If you can prove they didn't hold up to their part fair enough but good luck proving that.


There is a principle in British law... I can't remember the legal phrase but it's summarised as 'you go after the person most directly responsible first'. if you went to court with a case against Apple without having first gone after the makers of the app - and the details of the makers of all apps are listed in their entry in the app store - the judge/magistrate will boot you out and tell you to go after the people most responsible.

Honestly, I do find this somewhat bizarre. If a man sells you a dodgy car, you go after the man, not Ford or Vauxhall. If someone steals your data off the electoral register and poses as you, your beef is with him, not with whoever compiles the register. Some of the attempts here to pin the blame on this to Apple rather than, you know, the people who are actually stealing your data in the first place, are getting beyond logic let alone legal principle.

Jon