Standard app's EULA indicates user's consent to some use of data
Although it's true that the developer agreement says that the developer must not collect personal data without permission, the default EULA which applies to most apps does grant permission to record "technical data and related information". Specifically, here is the bit from the developer agreement:
"3.3.9 You and Your Applications may not collect user or device data without prior user consent, and then only to provide a service or function that is directly relevant to the use of the Application, or to serve advertising ..."
and here is the bit from the standard EULA: (http://www.apple.com/legal/itunes/appstore/dev/stdeula/)
"b. Consent to Use of Data: You agree that Application Provider may collect and use technical data and related information, including but not limited to technical information about Your device, system and application software, and peripherals, that is gathered periodically to facilitate the provision of software updates, product support and other services to You (if any) related to the Licensed Application. Application Provider may use this information, as long as it is in a form that does not personally identify You, to improve its products or to provide services or technologies to You."
Does "to provide services" include "to target advertising"? Say an app whose theme gives away some personal info about the user (e.g. "gay bars near here") sends its unique device ID ("technical data") to a server, and you use that to target "gay" adverts; is that OK or not?