This is the heart of the issue. Consumers don’t, can’t, and shouldn’t have to know the people and motives behind purchases in apps — all consumers should need to do is trust that Apple has done their job vetting all of this.
Apple failed to do that with Path and other apps that uploaded user contacts, but I have yet to see a scenario where in-app purchases turned out to be a scam. Apple vets the in-app purchases closely because they know that consumers trust them to do just that — and because Apple must spend the time and resources to vet these goods, Apple feels they are entitled to their cut.
I think Apple is entitled to their cut too — just so long as they continue to do an excellent job vetting the apps.
But they’re not doing an excellent job. They’re claiming to do a job that isn’t possible, then sticking inappropriate band-aids over problems retroactively if there’s enough press outrage.
There was no possible way for Apple to prevent “Pathgate” short of entirely preventing apps from getting at the phone’s address book data. The consumer trust in Apple is.. not misplaced – the App Store is a safer and nicer place than the Android store / Google Play / whatever it’s called – but it’s not fully justified. There hasn’t been a major in-app purchase scam yet.