Apple removing hundreds of App Store apps over advertising SDK that collects user data

“Code analytics platform SourceDNA has found hundreds of apps on the App Store that used private APIs to collect private user data, like email addresses and device identifiers, slipping under Apple’s radar in the approval process,” Benjamin Mayo reports for 9to5Mac.

“The code got into these apps through the inclusion of a mischievous third-party advertising SDK, which secretly stored this data and sent it off to its own servers,” Mayo reports. “Apple has now verified the SourceDNA report and is removing all of the apps that included the advertising SDK from the store, as using private API calls is a breach of App Review Guidelines. Apple has also patched its approval processes to prevent any more apps that use this technique to make it onto the App Store.”

“The SDK under examination comes from a Chinese advertising company, Youmi,” Mayo reports. “SourceDNA used its own binary search tools to find 256 apps that included the unscrupulous SDK, which have received over a million downloads in total.”

Read more in the full article here.

MacDailyNews Take: Apple just continues to protect users’ privacy.

In related news, Google adds thousands of apps to Android store that collect user data and calls it a feature.

Porsche chooses Apple Car Play over Android Auto because of Google’s rampant data collection demands – October 6, 2015
Apple acquires advanced artificial intelligence startup Perceptio – October 5, 2015
Apple takes a swing at privacy-tampling, personal data-guzzling rivals like Google – September 29, 2015
Apple reinvents the privacy policy – September 29, 2015
Apple selling targeted ads, but their new privacy policies shows they think different about tracking – September 29, 2015
Apple: Hey Siri and Live Photos data stays only on your device to ensure privacy – September 12, 2015
Apple issues iPhone manifesto; blasts Android’s lack of updates, lack of privacy, rampant malware – August 10, 2015
Edward Snowden supports Apple’s stance on customer privacy – June 17, 2015
Mossberg: Apple’s latest product is privacy – June 12, 2015
Apple looks to be building an alternative to the Google-branded, hand-over-your-privacy ‘Internet Experience’ – June 11, 2015
Understanding Apple and privacy – June 8, 2015
Edward Snowden: Apple is a privacy pioneer – June 5, 2015
Edward Snowden’s privacy tips: ‘Get rid of Dropbox,” avoid Facebook and Google – October 13, 2014
Apple CEO Tim Cook ups privacy to new level, takes direct swipe at Google – September 18, 2014
A message from Tim Cook about Apple’s commitment to your privacy – September 18, 2014
Apple will no longer unlock most iPhones, iPads for police, even with search warrants – September 18, 2014


  1. Multi-step process:
    1) Remove the offending apps from The App Store
    2) Notify everyone who downloaded these apps (and automatically delete these apps?)
    3) Refund the purchase price for these apps, since they were “defective” relative to Apple’s requirements
    4) Block the offending developers permanently
    5) Sue the offending developers for cost plus damages

    The biggest question in my mind – should Apple simply delete these apps because they do not comply with Apple requirements? Or should Apple leave it up to customers to choose whether or not to delete them?

  2. These apps were accessing and storing personal information, like Apple ID and device serial numbers, according to a report by SourceDNA. The security blog found 256 tainted programs, all of which had used a software development kit (SDK) provided by Chinese advertiser Youmi. Youmi then allegedly farmed the information from users, largely unbeknownst to the actual developers of the apps, according to SourceDNA.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.