iOS Address Book Access Should Prompt the User for Permission ⇥
Marco Arment weighs in:
We can’t prevent services with poor judgment or low ethical standards from doing creepy things with the data once it’s sent to them. We can’t even realistically use App Review to only permit access to the Address Book fields (email, name, phone, etc.) that are justifiable for any given app to access, because there are too many gray areas.
But Apple can, and should, assure users that no app can read their contact data without their knowledge and explicit permission.
He practices what he preaches, too. Instapaper is very explicit and privacy-conscious about how it uses this data.