Actually, it'd be very easy to spy on someone when coding a native Objective C application on the iOS. In fact, with enough dedication I know it's technically feasible to do the same thing with Adobe Flash Builder, just I don't want to have to senselessly go through that pain. The iOS doesn't ask users to verify starting a camera feed and it shouldn't - if an application is running, the permissions issues have all been worked out because of Apple's security model, unlike Android, where you have to manually grant permissions for each application. But even with Android, the permissions have been granted by the user in-advance so it's pointless to re-authorize.
In fact, I haven't played around with it but I'm suspecting that you might even be able to get around the double-verification with your own framework if using Webcam Publishers/Subscribers rather than the WebCamera container. Actually, I think I'm going to eat my words there because I'm pretty sure you guys have put in the intentional layer of security again with those.
But my point is it's very silly because essentially you're requiring double-verification. If a user were running these applications on a desktop, Flash would explicitly ask for permission for the application to access the camera and then your container would AGAIN ask to start the camera. That's pointless double-verification. The only difference on a mobile application is that the "Flash permission" has already been granted and the application doesn't need the user's permission.
i.e. this is what I'm trying to do:
1. I'm trying to build a game that runs on the iOS where the game revolves around users having a live video feed of each other. They will already be seeing my menu of "Start Game" and I want the feed to start instantly after they press that button - but rather than that happen, they will see your container that asks them to start the feed first. That's bad for a number of reasons, especially because it interrupts the user experience and prohibits me from customizing the interface.
Now I'm 99% confident that the container's start camera feature has nothing to do with your security model and is just part of the container. Any Flash Chat application doesn't have this second-security-layer nonsense built into it and if compiled using AFB, wouldn't have it on mobile either.