Apple is dealing with another privacy mess, as many apps hosted in Apple store are using a third party code developed by Glassbox that records what people do within their apps.
Apple told developers Thursday that they need to either stop using the Glassbox code, or at the very least warn users they are being recorded.
A TechCrunch report first unveiled the apps that were using data-capturing code.
Apple has policies in place designed to prevent such behavior. But the fact that Apple learned of the issuess through the press shows the limits of its ability to keep users safe.
The company points to their App Store review guidelines, which require apps to get explicit user consent and also to provide visual indication of any type of recording.
Glassbox's software is also running on Android devices. Google has yet to respond to an inquiry as to what, if any, action it will be taking.
Glassbox says that the company and its customers are not interested in “spying” on consumers. "Our goals are to improve online customer experiences and to protect consumers from a compliance perspective. Since its inception, Glassbox has helped organizations improve millions of customer experiences by providing tools that record and analyze user activity on web sites and apps. This information helps companies better understand how consumers are using their services, and where and why they are struggling," the company says.
"Glassbox provides its customers with the tools to mask every element of personal data. We firmly believe that our customers should have clear policies in place so that consumers are aware that their data is being recorded — just as contact centers inform users that their calls are being recorded," Glassbox added.
Furthermore, Glassbox says that no data collected by Glassbox customers is shared with third parties, nor enriched through other external sources. "All data captured via the company's solution is encrypted, and customers are provided with the ability to mask every piece of data entered by a consumer, restrict access to authorized users, and maintain a full audit log of every user accessing the system," Glassbox claims.
Glassbox said it planned to implement development changes and improve the user opt-in methodologies contained within the Glassbox solution and work with Glassbox customers to configure the same within their user subscription processes.
Meanwhile, Apple released a patch for the FaceTime bug that allowed users to see a recipient even before a call was answered. The iPhone maker also added a fix for another, previously undisclosed bug, reported by Google.