X

Sign in

Sign in to confirm

Have you forgotten your password?

... or login with Facebook:

Don't have an AndroidPIT account yet? Sign up

Google And Apple: SHAME ON YOU For Not Enforcing App Privacy

Eric McBride
6

 

(picture from Gizmodo)

Android's marketplace is growing at an alarming rate, and while it's great to see so many enthusiastic developers submitting their ideas to the market, it's really disturbing to also see that privacy violations in both Android's and Apple's marketplace are getting way out of hand. Sure, this is a problem that Google is aware of, but combating it seems to have even the best engineers and security experts scratching their heads when it comes to apps that violate user privacy. Unfortunately, some recent new discoveries show that companies aren't being nearly responsible enough protecting private data from being harvested in the marketplace, including big names like Facebook and Twitter. 

On February 8th, a Singapore based software developer named Arun Thampi reported he discovered an iPhone app from Path had uploaded his ENTIRE address book to its servers without even asking for his permission. The CEO of Path responded by saying that "the use of this information is limited to improving the quality of friend suggestions when you use the 'Add Friends' feature and to notify you when one of your contacts joins Path," but admitted that "we now understand that the way we had designed our 'Add Friends' feature was wrong." The company has since then modified the app to ask permission, but would they have ever done that had this flaw not been discovered and brought to the attention of the public? How many entire address books did they manage to store before "realizing their design feature was wrong“? A pathetic excuse if you ask me. OF COURSE you need to ask permission to upload someones complete address book to your servers. Common. (their official "apology" can be viewed here).

Ever heard of a little app called Foursquare? I'm sure you probably have. Well you might be a bit dissappointed to learn that Foursquare was found to be "uploading all of the e-mail addresses and phone numbers in your address book with no warning and no explicit consent given,". What about Twitter and Facebook? Also uploading your entire address book to their servers. A Twitter representative responded that "after mobile users tap the 'Find friends' feature on its smartphone app, the company downloads users' entire address book, including email addresses and phone numbers, and keeps the data on its servers for 18 months." Apps from Twitter and Facebook were apparently uploading address book information, after asking or warning users, but apparently Twitter is now apologizing to users for not letting them know that they are actually storing it for months (or years apparently). UNACCEPTABLE. 

These most recent discoveries indicate that specific apps that a lot of people use (millions actually) are storing users complete phone books without permission of the user. This is a double dose of "that's messed up!“, as not only the privacy of the owner of the phone is being compromised, but also everyone in the owners phone book as well.

What makes this a complex issue is the fact that it's not only Google and Apple directly that we have to only worry about to protect our data, but the thousands of app developers creating apps for them. The Android market and IOS App store combined have a total of almost 1 million apps, and Apple's app store alone has had over 15 billion downloads, with the Android market following at around 10 billion downoads. That's a combined 25 BILLION downloads. Over 3 times more than the Earth's population. With that many apps downloaded, the question arises: Just how safe are the apps that we use, and how dangerous could they actually be when it comes to our personal data? Let's look at a few 

I don't know about you guys, but to me this is complete BS, and the problem is that doing this is becoming a common practice. Blogger Dustin Curtis performed a survey and discovered that 13 out of 15 IOS developers of apps with a "find friends" feature admitted that they also uploaded user contacts to servers without consent. 13 of 15?? WOW. Dustin went on to say that  "One company's database has Mark Zuckerberg's cellphone number, Larry Ellison's home phone number and Bill Gates' cellphone number." Apple took no action to prevent it until Tim Cook was actually sent a letter from United States House Representatives, which is funny because it completely violates Apples company rules in doing this. It has now been fixed, and Apple reports that  "any app wishing to access contact data will require explicit user approval in a future software release." It only took 15 BILLION downloads for you to make this "rule“? Get outta here. Google is in the exact same boat, and also needs to make this A LOT more clear to developers using Android, as this is getting out of hand.

Maybe you think I'm overreacting? Well, everyone is of course entitled to their opinion. But for me personally, I don't think it's too much for you to FREAKIN ASK ME before uploading my entire contact book to your servers. I'm all for a digital future, and I'm all for making information as accessible as possible, but let's not forget a little thing called common courtesy. If I walk into Google or Apple's offices and over to the reception drawer, open it, pull out their ENTIRE CONTACTS documents, and then walk out of the building without even asking anyone (even if I asked, they still wouldn't hand it over), I would probably get thrown UNDER the jail. Hell, if I would walk in my next door neighbors house and take his contact book from the coffee table I would get properly punished for it.

Funny that app developers and social companies can do the exact same thing with no one to answer to.....

Related Topics

Related Articles

Magazine / Updates
1 1 week ago

Android L vs iOS 8: the battle that benefits everyone's devices

Magazine / Hardware
22 4 days ago

iPhone 6 launch: why do Android users care more about Apple events than Android ones?

Magazine / Hardware
7 4 days ago

iPhone 6 vs Nexus 4: because why not?

Comments

Write new comment:
  • Michael Heller Feb 20, 2012 Link

    Good job with the fear-mongering! Glad to see you didn't want to bother with rational thought on the topic.

    Let me ask you a couple questions:

    1) How exactly did you expect these apps were getting your contacts in order to find other people that you know?

    2) What exactly was the harm? Sure, the apps should have told you what they were doing, but how exactly was anyone HARMED by having their contact list sitting on the Path servers?

    0
    0
  • chinu Feb 20, 2012 Link

    freakinggggggg

    0
    0
  • Todd Jones Feb 21, 2012 Link

    No permission was asked, that's the HARM !!!!

    0
    0
  • Eric McBride Feb 21, 2012 Link

    @Todd - EXACTLY the point.

    @Michael Fearmongering? Nah..not in the slightest. It matters little to me if an app needs to scan my contact book to find contacts. What DOES bother me is that nobody is telling me their doing it. Just because you CAN doesnt mean you SHOULD. Like I wrote before, if I walked into your house and took your contact book from your coffee table, I would get arrested for it, plain and simple.

    And as far as harm goes, its more a matter of corporate responsibility and ethics that concerns me. App developers and the companies that push them need to behave better, and if all consumers say is "what harm did it do", they will continue doing it.

    Path realized that made a nono..thus the big apology they made on their website. Twitter is now also getting grilled for it. Its not a matter of what their doing...its a simple matter of telling you before they do it.

    Personal information is like gold on the net now, and if your gonna use mine and keep it stored, at least be considerate enough to tell me about it.

    0
    0
  • Aaron Tilton Feb 21, 2012 Link

    @Michael Welcome back! I haven't seen you on here in months. I've missed your commentary!

    0
    0
  • Todd Jones Feb 21, 2012 Link

    @Michael, Amen brother !!!

    0
    0