Over the years, iPhone apps have been accused of spying on users and secretly tracking their location. And now iPhone apps are back in the news again for all the wrong reasons after it was discovered that the popular social app Path copies the entire contents of your users Address Book and stores it in the company’s database. So, why do app developers want access to your contacts? How do you ensure your contact information isn’t accessible to such unsolicited apps?
First things first, it’s well known that several apps transmit user data without your knowledge or consent. Though Path has hogged the limelight, it’s believed that several other popular apps invade your privacy as well. These include
- Foursquare (uses your email and phone number without any explicit warning)
- Instagram (Email, Phone Numbers, First, Last , after warning)
- Facebook (Email, Phone Numbers, First, Last, after warning)
- Twitter for iOS (Email, Phone Numbers, after warning)
- Voxer (Email, First, Last, Phone numbers, after warning)
Now, the tricky question of why do these apps try to access your contacts and how do they do it? Of course, the easiest excuse is that apps which offer “Friends” functionality would need to access your Address Book. It’s difficult to believe that most app developers would do this out of ignorance, especially when evidence suggests they’ve anonymized the data by ?hashing? the data and saving a checksum. In any case, this isn’t the way it should work and as Steve Jobs famously said the best way to deal with user’s privacy is to ask them every time before you access their sensitive data.
Obviously, the ideal solution would be for Apple to force developers into disclosing how they handle user data and never to do it without first alerting the user. Till that comes into effect, users must educate themselves on how to stop apps such as Path from stealing your contact information. We’ve already covered one prospective solution – ContactPrivacy, an app for jailbroken devices that explicitly warns you when any other application tries to access your Address Book.