[governance] Twitter pirating smartphone contacts without user knowledge

Riaz K Tayob riaz.tayob at gmail.com
Thu Feb 16 04:42:37 EST 2012 

[From Foxconn through to Apple's oops about GPS tracking and now this... 
you can go to jail under ACTA but this kind of thing just warrants a 
small apology I suppose...]

15 February 2012 Last updated at 22:25 GMT


Social apps 'harvest smartphone contacts'
A woman holds her iPhone 4 in Hangzou, China 13 January 2012 Critics say 
Apple should not approve apps that copy user data, according to the 
company's own policies


Twitter has admitted copying entire address books from smartphones and 
storing the data on its servers, often without customers' knowledge.

Access to the address book is enabled when users click on the "Find 
Friends" feature on smartphone apps.

Two US congressmen have written to Apple asking why the firm allows the 
practice on its iPhone, as it contravenes app developer guidelines.

Twitter has said it will update its privacy policy to be more explicit.

The practice came to light when an app developer in Singapore, Arun 
Thampi, noticed that his contacts had been copied from his iPhone 
address book without his consent by a social network called Path.

Dave Morin, CEO of Path, apologised and said Path would ask users to opt 
in to share their contact information.

However, he noted separately that it was an "industry best practice" to 
upload or import address book information.

iPhone apps by social sites including Facebook, FourSquare, Instagram, 
Foodspotting and Yelp are also reported to access the address book.
Permission not granted

Critics have noted that these apps are all available for download from 
Apple's iTunes store, even though the practice of copying address book 
contacts without prior consent appears to violate its user guidelines.

The Apple guidelines say: "Apps that read or write data outside its 
designated container area will be rejected."

They add: "Apps cannot transmit data about a user without obtaining the 
user's prior permission."

Social networks have said that data taken from smartphones - which 
includes names, phone numbers and email addresses - is used only to 
identify friends who used the same service, and notify the user.

But sometimes the data appears to be taken without first informing the 
user, or indicating how long the information will be saved for.

Twitter said it would update its app in the wake of the disclosure, and 
clarify its privacy policy for users.

"We want to be clear and transparent in our communications with users. 
Along those lines, in our next app updates, which are coming soon, we 
are updating the language associated with Find Friends - to be more 
explicit," Twitter spokeswoman Carolyn Penner said.

Currently, Twitter tells users that it "may customize your account with 
information such as a cellphone number for the delivery of SMS messages 
or your address book so that we can help you find Twitter users you know".

Twitter informs iPhone users that it will "scan your contacts for people 
you already know on Twitter".

However, the Los Angeles Times reported that the app in fact uploads 
every address book contact and stores it for 18 months - something not 
made clear by the app.

http://www.bbc.co.uk/news/technology-17051910

-------------- next part --------------
____________________________________________________________
You received this message as a subscriber on the list:
     governance at lists.igcaucus.org
To be removed from the list, visit:
     http://www.igcaucus.org/unsubscribing

For all other list information and functions, see:
     http://lists.igcaucus.org/info/governance
To edit your profile and to find the IGC's charter, see:
     http://www.igcaucus.org/

Translate this email: http://translate.google.com/translate_t

More information about the Governance mailing list