Is Your Address Book an Open Book?

Twitter was buzzing last week when a Singapore-based iOS developer, Arun Thampi, posted a note about Address Book and privacy. It seems the issue did not travel far up the media pipeline to most of us, but a number of industry insiders commented on it, most notably ZDnet. Gizmodo republished the post and thousands of users showed concern. That’s thousands of users, while Apple reports that they sold 37.04 million iPhones in the first quarter of fiscal year 2012. This is an issue that concerns all of us that use iOS devices and we should be acutely aware of who takes our personal data and how they use it. Further, what safeguards does a company use to protect our data against potential misuse.
It all started with the reposting of Thampi’s notes by ZDNet Jason O’Grady and others that the popular Path social media app copied your Address Book data to its servers. Path claimed it needed your data to help you connect with friends across multiple social media sites. Once this news became public, Path addressed the issue, first by offering to remove your data if you emailed them, but later the company replied that they had removed everyone’s Address Book data from their servers. Path was updated on 2/13 and now prompts you to opt in or out of sharing your Address Book with their servers. While this one company responded to user complaints and reacted favorably, it is still unclear how many other apps may be storing your personal contacts on their servers.
Lucretia Pruitt of the The Social Joint blog notes in the comments on one site “Šmy personal information is in their servers despite the fact that I never opened an account with them. Simply through the advent of having friends who have Path accounts, my information is in their servers.”
This problem isn’t limited to the developers, because as Jason O’Grady at ZDNet The Apple Core notes, Apple approves these apps that are not following its own developer policies.
Since this Path debacle, the follow-up is sparse and I’ve not found any more information as to which other apps saves your Address Book data. It’s as if Path acted as the sacrificial lamb and the issue recedes into the ether. I did find one note on Daring Fireball that the 2/10 update to the photo sharing app Instagram now includes a request to share contacts, but that’s a small drip in the privacy bucket.
Mike Issac at Wired asks, “To what degree can a technology company collect users personal data without facing backlash from the public at large? What is acceptable, and what is going over the line?” Certainly this issue should be of concern to millions of users, not just the few thousand that have read about it so far. And that is the question I ask MacMost readers now.
Does this issue concern you? What do you think we can do to protect our contacts lists from being accessed or used by companies who think they provide a service we may not have approved?

Comments: 9 Responses to “Is Your Address Book an Open Book?”

    greg
    2/15/12 @ 6:10 am

    Gary,
    i use may iphone for work pics and personal pics , i want to be able to download just work pics without the personal ones, how would you suggest i do that….

    thanks,
    greg

    ileneh
    2/15/12 @ 11:03 am

    Hello Greg,
    If you want to selectively download some photos off your iPhone, use Image Capture. It is included with your other Apple apps that come with your computer. Just open Image Capture after you connect your iPhone to your Mac. You can choose which photos to offload to your computer and which ones to delete. You can keep some photos on your iPhone if you like even after you offload them.
    If you have more questions, please leave a message in the Q&A Forum. Thank you.

    Cynthia
    2/16/12 @ 10:48 am

    Yes, this issue does concern me; I’m not certain as to what can be done about it. Since quite a few apps/companies wouldn’t be ethical enough to warn us in simple terms, I think that ideally it would be best if the software OS on our devices would alert us (simple clear message) when attempts are being made to extract/copy or access by third parties other than our approved list–and give us the opportunity to deny the access before it begins.

      Camelus
      2/17/12 @ 12:28 am

      Ditto!

    Scott P
    2/16/12 @ 10:59 am

    I’m concerned. I hope someone will find a way to prevent sharing without permission. As a user, I don’t feel like I ever know whats really happening to my info.

    ileneh
    2/16/12 @ 1:36 pm

    Cynthia and Scott, it is good you are both concerned with this issue. My thinking is that we cannot expect each small developer to protect our interests, which puts it into Apple’s lap. They have guidelines for when, if, and how, data is transferred off our devices and they should just not approve an app that doesn’t explicitly ask a user’s permission before transferring data. I think Apple has been remiss in making sure the developers follow their specifications.

    Jose Jacob
    2/16/12 @ 3:28 pm

    Taking data without permission is illegal and taking advantage of user base which needs to be taken seriously by Apple as it is their platform other apps are built. Every one of us make sure that personal information is belong to us and it is nobody else’s business.

    RickH
    2/17/12 @ 7:22 pm

    Read the fine print. Read the end user agreement. Chances are its all there and very few people read it.
    I too dislike things happening without my express knowledge and I never give out things like address book contacts.
    While Apple has things that “just works” others are exploiting the same theme called “just taking”.
    NEVER TRUST ANYONE!

    Nancy
    2/18/12 @ 9:25 am

    I don’t believe that privacy laws apply to consumers in that consumers aren’t required to protect the information of other consumers, i.e., their friends and family (unless for fraudulent purposes). In this case, consumers are compromising other consumers’ personal information by accessing or joining sites that allow them to access friends and family’s personal information. It’s not right, we complain constantly how financial institutions use our information but we apparently as a society don’t care how we share our friends and family’s personal information. More laws, more government? Difficult to balance because there are unscrupulous people out there who care about nothing but themselves.

Comments Closed.