> In a sea of predatory applications, why is lending the only one that gets blocked here?

Because lending apps are the only one to engage in egregious behavior, see [1] as an example. The relevant sections are quoted below:

> If a user was late to repay, the app had previously indiscriminately texted or called contacts in the user’s phone as part of loan collection efforts. This process began immediately after a loan repayment was delayed, according to user reviews.

> Numerous users reported that friends, family, employers, and other contacts were harassed and threatened through Opera’s apps when a borrower was late.

(...)

> In another example, the apps threatened to place friends or family of a borrower on a national credit blacklist if they didn’t convince the actual borrower to pay:

[1] https://hindenburgresearch.com/opera-phantom-of-the-turnarou...

> If a user was late to repay, the app had previously indiscriminately texted or called contacts in the user’s phone as part of loan collection efforts.

Didn't LinkedIn do something similar early on? Harvest your contacts and then email everyone trying to get them to join.

Yes. I had a phone with a “glove mode” toggle for the touch screen. I discovered it sometimes registered false taps when I pointed at that button to show a friend how terrible it was that the feature existed.

Of course, there was no “are you sure?” after accidentally tapping it.

It sent things to mailing lists, non-work acquaintances, businesses I was a customer of, etc, etc.

There is such a thing as going too far though. An app I'm familiar with had Apple rejecting the app for accessing contacts, even though the contacts stay on device at all times and the only way they are exported is if you send a debug log which has a warning modal about their contacts being logged and gives the user the chance to edit those out.

There was nothing to be done that would satiate Apple besides disabling the contacts permission, so the user experience is now worsened. It's still death by a thousand cuts when working with these app stores.

As the other person said, what did it actually need the contacts for?

Was it being rejected for asking or for being broken if it didnt get the permissions?

Or was it simply not able to give a justifiable reason to Apple for needing the permission?

You say it was staying on device but once you have access to those contacts it would be trivial to add the ability to send them to a server or have them leak via third party tools like the facebook sdk. That would be completely invisible to the user after giving past permissions.

The fact that you say that the user experience is now worsened makes me believe that contact access was not an absolute requirement for the app to exist (like say... a contacts organizer or something) and is extra functionality.

Personally with very very few exceptions I will not grant an app access to my contacts since anyone in my contacts don't have the luxury to also consent to some company having their data.

Calling, texting or emailing said contacts from inside the app. Having this data was for the exclusive benefit of the end user, and the permission was optional and did not block use of the app.

There were no social SDKs integrated, and the app and build pipeline are public on GitLab.

What did the app need the contacts for? I'd say I side with apple on that (I can see how it could be abused to shut down competition though). There really would need to be a good reason to have the contacts. (I don't want to debate the threshold, just interested in a "benign" example of needing contacts)

Calling, texting or emailing said contacts from inside the app. Having this data was for the exclusive benefit of the end user, and the permission was optional and did not block use of the app.