I think the idea was that you wouldn't install apps on your phone that you didn't trust. Obviously that didn't turn out to be practical so now they're adding more fine-grained control.
This phone has a much more restricted installation experience. There is only one installer, and Apple knows who to blame if any of the software it installs turns out to be malware.
I think the idea was that that tractability would deter people from trying to put malware on the App Store.
And that has worked reasonably well. Yes, there were several cases of apps that did not inform users that they uploaded data to implement features they advertised, but I am not aware of downright malware (say a fart app that uploads you address book to some server), and yes, Charlie Miller got a nefarious app on the App Store, but that malware was traceable back to him.
The thing Apple did not think through well enough is the privacy issue. Users can feel uncomfortable about apps uploading their data, even if that is necessary to implement app functionality, because they may not trust the app writer to do nothing else with the data.
Also the personal information is more limited. At first the only "personal" information was my name and the name and phone numbers of my friends. This information is available (in theory) in a phone book.
This shouldn't be an "initiative." This should have been a standard practice from day one.