Apple clarifies its UDID position: no rejections yet for use, only for lack of user opt-in
Ain't what you do, it's the way that you do it
Speaking off-the-record, an industry insider told us they had been in contact with Apple and had been categorically told the news it was rejecting apps over UDIDs was a rumour.
Instead, apps and games had been rejected for the subtly different reason that aren't securely transferred data (for example using SSL) or they didn't give users the option to opt in (or out) from use of UDIDs.
This climes with the fine print of the feedback from developer Tapbots.
Be open, be honest
It's something that demonstrates the complexity of the situation.
The mobile industry in general, and Apple in particular, is under scrutiny by the US and various European governments over privacy issues, notably personally identifiable information.
In this context, any company that provide a platform which assumes users will opt into providing personal information is likely to find itself in a difficult situation.
Hence, from what we've been told, the use of UDIDs to track a device (basically a user) is presently allowable as long as the practice is overt; something a number of promotional platforms are believed to be adding to their SDKs.