1

I have an app that involves messaging (and it's a big part of the app). People can text each other through the app, and every message is kept on our server, uncrypted. (We never really thought of encrypting it)

The user has to accept terms when he creates his account and it's all written there, but my question is the following :

Knowing the user supposedly read the terms, is it still legal/allowed by apple to keep all the messages on our servers? We can identify who wrote it and what is written, obviously, but the users can only read his own messaging feed. Is that ok? Or should we run a encrypt algorithm when uploading the message and decrypt it on the reciever side? Or any other relevant idea/solution?

Artjom B.
  • 61,146
  • 24
  • 125
  • 222
Gil Sand
  • 5,802
  • 5
  • 36
  • 78
  • Just encrypt it. Though I don't think it is illegal – Maarten Dec 18 '14 at 14:49
  • 3
    This question appears to be off-topic because it is about legal issues. Please consult a lawyer, not the Internet. – rmaddy Dec 18 '14 at 15:24
  • It's also about how Apple treats private messaging. Also, asking if someone already has the information is the same as asking for the information in exchange for money. Except on the internet I can usually get that information faster and for free. And I could even get some extra details on top. Like about my third or fourth question in the text. I don't know, i just feel that you saw the word "legal" and instantly stopped reading and raised your off-topic flag like a war just begun. – Gil Sand Dec 18 '14 at 15:31
  • read the terms and conditions of your iOS developer agreement in itunesconnect (about 60 pages). – mahal tertin Dec 19 '14 at 09:15

1 Answers1

1

  • The T&C your working with Apple are documented in iTunes Connect > Contract, Tax, Bank > iOS Paid Applications and iOS Free Applications

  • TINLA: They don't say anything about how to store the data of your customers (by my brief understanding)

  • When distributing your App thru App Store as you say have you own Privacy Policy provided. If not then the standard EULA applies. the standard also does not say anything about privacy / encryption.

mahal tertin
  • 3,239
  • 24
  • 41