The company has has changed its App Store rules in order to stop a
practice that's been employed for years. Developers ask users for access to their phone contacts, then use it for marketing and sometimes share or sell the information -- without permission from the other people listed on those digital address books.
Sharing of friends' data without their consent is what got Facebook into so trouble when one of its outside developers gave information on millions of people to Cambridge Analytica, the political consultancy.
According to Apple's updated App Store Review Guidelines, developers are not allowed to make databases of address book information they gather from iPhone users. Sharing and selling that database with third parties is also now forbidden. And an app can't get a user's contact list, say it's being used for one thing, and then use it for something else -- unless the developer gets consent again. Anyone caught breaking the rules may be banned.
However, Apple cannot retrieve any data that may have been shared so far. After giving permission to a developer, an iPhone user can go into their settings and turn off apps' contacts permissions. That turns off the data faucet, but doesn't return information already gathered.
The Google app store works a similar way. But Google mostly keeps quiet about how it uses people's data for advertising, while Apple often talks about not collecting user information or building profiles of them.