Twitter mobile apps storing address books for 18 months
Tim Cook quizzed by Congress on privacy
Twitter has become the latest in a growing list of companies caught storing user’s data without making it explicit.
The company has admitted that it is storing the entire address books of users for 18 months, if they use the “Find Friends” feature on its iOS and Android clients. The function searches through your existing address book looking for matches on Twitter, but doesn’t make it clear that Twitter will be storing the data, or for how long.
"We want to be clear and transparent in our communications with users," Twitter spokeswoman Carolyn Penner told The Register in an email. "Along those lines, in our next app updates, which are coming soon, we are updating the language associated with Find Friends -- to be more explicit. In place of 'Scan your contacts,' we will use 'Upload your contacts' and 'Import your contacts' (in Twitter for iPhone and Twitter for Android, respectively)."
She also pointed out that Twitter users can remove the information from their contacts database on Twitter using the companies own Remove tool on the Import Contacts page.
Applications that harvest address books are the latest witch-hunt de jour, after mobile social networking company Path was forced to admit last week that it was harvesting and storing user’s address details without asking. The company also promised to fix the problem with its next update, but couldn't give El Reg a shipping date.
The Path issue has also raised the attention of Congress. Congressmen Henry Waxman and G. K. Butterfield have sent Apple CEO Tim Cook a letter quizzing him on the company’s approach to allowing applications that scrape this data to be sold, how many do it and why the company doesn’t block it. They’ve asked for a response by February 29th and helpfully posted the contents online just in case the Congressional postal service isn’t quick enough. ®
"She also pointed out that Twitter users can remove the information from their contacts database on Twitter using the companies own Remove tool on the Import Contacts page. The data may still be stored in backups however"
What part of 'opt-in' are all these fuckers unable to understand?
Double privacy fault
What annoys me about these kinds of programs is the contents of that address book. How does the Twitter Account holder become the one who decides if all those individuals on his address book agree to have their data stored on Twitter's servers to do with as the will?
My business email address is in many address books of my clients. And these idiot clients then upload MY personal data to the Twitter server without asking me first if this is okay.
And it is not just Twitter... I still keep getting invites from Facebook asking me to join, and then that shows me a list of other people I may know. And that list is often correct, and plain scary when I see the connections they have already worked out about me.
Of course... if you try and contact these companies to complain about use of my personal data that has been uploaded by a third party... there is no where to complain without a Facebook\Twitter\etc account. Last time I tried to chase Facebook to get my data removed, all their pages about it hit dead links
LinkedIn does it too.
Added a contact to Outlook a month ago, and he's now in the "people I might know" list, after he joined LinkedIn a couple days ago.
I did not share my address book with LinkedIn, I do use the social connector in Outlook, and I did not give any informed consent to my data.