Per Bloomberg, app developers have been abusing their access to users' contact info for years. Their apps ask for access first, then harvesting the data for marketing purposes or even selling it outright -- all without permission from the contacts affected. Apple's updates to the App Store guidelines now prohibit developers from making databases of info gleaned from address books, nor can they request access to contact info under one pretense and then use it for something else -- they have to get consent for what they're actually using it for. And selling that data to third parties is now forbidden.
Apple isn't making these changes in response to any particular scandal, though its CEO Tim Cook certainly criticized Facebook during the Cambridge Analytica scandal for that company's misuse of user data. (He later rejected the assertion that Apple inappropriately received any personal info from the social media company during this time period.) But following the implementation of the EU's privacy-intensive GDPR last month, restricting third parties' potential access to data sourced from users on Apple's devices seems a smart move anyway.