When iOS users allow an app access to location information, the app can copy users’ entire photo libraries, according to tests performed by the New York Times.

Following the news of address book info being accessed by iOS app developers, the NYT asked an unnamed developer to create a test app. The app was able to siphon photos from an iPhone to a remote server.

Apple initially granted developers this access back in 2010 to make photo apps more efficient. However, the loophole has gone unchecked. Problematically, photos include coordinates for the locations in which they were taken, so the movements of users can, in theory, be tracked. And as pointed out by app developer Curio co-founder David Chen, “Once the data is off of the iOS device, Apple has virtually no ability to monitor or limit its use.” Apple’s yet to comment on the situation.

[via New York Times]

Also Watch