Apple is rejecting apps that access the UDID (unique device identifier) codes of iOS devices, according to developers.
A report that appeared over the weekend on
TechCrunch suggests that Apple is reacting to scrutiny from US Congressmen relating to how mobile apps impact on individual’s privacy by blocking apps that access this data.
Apple had told developers late last year that it planned to block the ability of iOS apps to access the UDID – a string of 40 characters that identifies a particular iOS device – but according to the report it has brought its efforts ahead of schedule in order to satisfy lawmakers.
UDIDs are useful to developers for a number of reasons – for example, compiling analytical data about use of an app and for providing behavioural data to mobile ad networks that can then be used to help advertising be targeted for specific individuals.
However, collecting UDID data is also a contentious issue. In October 2010, research found that 68 percent of the top 50 apps in the App Store were transmitting UDIDs back to developers.
Two months later, Apple was hit with a lawsuit that claimed many high-profile apps were collecting UDID data and sending this on to advertisers.
In February 2011, Apple was again targeted by a lawsuit, this time alleging that Apple did not “inform mobile device users that by providing application developers with their UDID, Apple enables them to put a name to highly personal and in many cases embarrassing information derived from app downloading activity and usage, and internet browsing history, that would otherwise be anonymous”.
In May 2011 and another lawsuit that objected to the collection of location and UDID data by Apple and app developers was filed in Puerto Rico.
Data collection policies used by app developers are currently being assessed by the US House Energy and Commerce Committee and Apple’s reaction has meant that developers are struggling to update their apps accordingly.
Canadian development firm Fluik told TechCrunch that it was “scrambling to get something in place” and that it had moved to an “alternative scheme” which it did not outline.
Other developers questioned in the article said that it was possible that apps may explicitly ask users in future if they could collect UDIDs, though it was expected that very few users would consent to this. So other alternatives such as MAC (media access control) addresses could be used, though like UDIDs a user cannot clear or delete this data – unlike web cookies – so many of the privacy issues raised by UDIDs still apply.