Uh, how could it violate CFAA? It's their own systems, and their data (they own it all).

I have no clue whether this violates CFAA, but arguably they usurped address books and intercepted user's communication.

This was obviously intentional, and the timing makes sense -- Apple is rolling out address book synchronization with Facebook.

I hope this forces Apple to reconsider.

Maybe it's a stretch . . . But it does sound like their system is presently causing changes to occur in external systems that were not authorized. Then again, having your address book linked to FB might be construed as authorization . . .