Apple has closed a loophole in its App Store rules which allowed developers to gather and sell information about iPhone owners' friends and other contacts without consent.
Until last week, developers have been able to ask users for access to their phone contacts then sell the harvested information or use it for marketing purposes.
As revealed by Bloomberg, developers sharing and selling databases of address book information gathered from iPhone users will be banned from the App Store.
The practice of sharing data gathered without consent is what landed Facebook in trouble in March this year, after millions of people's data was shared with Cambridge Analytica by an outside developer.
While the mass gathering of data for targeted advertising is not part of Apple's business model, security expert Domingo Guerra told Bloomberg that the platform holder has been complicit in the practice.
"They have a huge ecosystem making money through the developer channels and these apps, and until the developers get better on privacy, Apple is complicit," he said.
"When someone shares your info as part of their address book, you have no say in it, and you have no knowledge of it."
Apple may have taken action, but the company has no power to retrieve the data that has been shared already.
When a user downloads an game and allows it access to their contacts, they effectively grant permission to harvest dozens of data points -- from name and phone number, to profile photo, email, birthdays, and even home and work addresses -- even though the people in their address book gave no consent.
Although reportedly the majority of apps and games may have fairly innocuous uses for this feature, such as informing your friends you have downloaded a game and inviting you to join them, some are selling the data to supplement their free-to-play and advertising monetisation models.