Chance Miller, 9to5Mac:
In the instances we’ve seen, the apps in question don’t do enough to inform users about what happens with their data. In addition to simply asking for permission, Apple appears to want developers to explain what the data is used for and how it is shared. Furthermore, the company is cracking down on instances where the data is used for purposes unrelated to improving the user experience:
You may not use or transmit someone’s personal data without first obtaining their permission and providing access to information about how and where the data will be used.
Data collected from apps may not be used or shared with third parties for purposes unrelated to improving the user experience or software/hardware performance connected to the app’s functionality.
Good — there’s almost no circumstance in which a third-party has any business in receiving location data when it isn’t connected with what the app actually does. But this is also the kind of thing I wish App Review was better at catching in the first place. Apps that request permission for location data, or access to contacts, or access to the photo library — in particular — ought to be subject to a degree of scrutiny that would prevent malicious uses of this functionality from appearing in the App Store in the first place. I’m not saying that they don’t catch this behaviour; rather, that there shouldn’t be enough apps in the store abusing location permissions to warrant a “crackdown”.