As I'm sure many readers have heard, there has been some public outcry lately on the subject of iOS apps accessing the Address Book contacts of a their users and then sending the whole lot of them off to their servers, to accomplish their "friend matching" features.
Many companies have already corrected the error in their ways, (partially), and even Apple has stated that a future iOS release will lock down Address Book access, in the same way that permission is required to access a user's geographic location now.
In the meantime however, if you'd like a quick, easy and safe way to build a "find my friends" type of feature into your app, I'd recommend looking at DTSHashedContacts.
It's is a drop-in iOS library that provides a wrapper around the Address Book frameworks designed to ensure the privacy of user data. Before access is ever made to the Address Book the user will first be prompted for permission with a customizable UIAlertView prompt. Once access is granted the library returns hashed tokens representing the user's private data rather than the data itself.
Here's what it looks like to use it:
[hashedContactsProvider emailTokensWithConfirmation:^(NSArray* tokens) {
//When permission given
} whenDeclined:^{
//When permission denied
}];