After a developer discovered that the Path social-networking app was silently uploading iPhone users’ address books to its servers, a whole lot of other shoes — that is, other apps doing similar things — started to drop.
Here’s one of the biggest shoes to tumble so far: Twitter has disclosed that when iPhone users visits the friend-finding feature in the Twitter app for iOS, the device’s address book is uploaded to Twitter and stored for 18 months.
Twitter says that it’s going to tweak the language it uses in the app to make clear what’s going on. It also lets you delete your address book from its servers if you so choose.
Meanwhile, The Verge’s Dieter Bohn has an excellent guide to the address-book-uploading mess, including details on what various apps are doing and advice on what they should be doing.
There’s no evidence that any of the companies involved have been doing anything nefarious, such as selling the data; the issue’s that they’ve been too blithe about taking and storing confidential information without clearly explaining what’s going on. Some of them have also been violating Apple’s rules, which state that apps must disclose what they’re doing.
It seems obvious that the proper way to deal with all this is for iOS to lock down you address book and let you grant access to apps on a case-by-case basis, as it does with other sensitive info such as your location. It’s not clear why Apple didn’t do this in the first place, but it now says that it will. Soon, I hope.