Thursday, February 16, 2012

Address books are at risk but how would you know?


Notes taken by: Theresa Payton, Fortalice, LLC. Content also featured in WBTV's segment "Protecting Your Cyberturf" featuring Theresa Payton and Kristen Miranda

Remember the days of the rolodex?  You needed to contact someone and you just flipped to the contact.  Or, the old-school address book?  Now most of us carry a smart phone which replaces the rolodex and address book.  And sometimes, our most sensitive information, is who we associate with.  Now we learn that your contacts are at risk when you use online services.

It’s probably was one of the best kept secrets until now and it might leave you feeling violated.  Your address book has been and can be accessed when you link to some of the most popular sites via your smart phone.  The online companies actually consider it a “best practice” to take that information.  Theresa Payton explains what they are doing, the risks, and how you can avoid peeping eyes!

Twitter, Foursquare, and Instagram routinely snoop and look at your personal address book on your phone.  Did you know that they can do that?

HOW DID WE FIND OUT?:
A developer noticed that a company named Path was uploading address books.  After a deeper look he determined they were doing this without user permissions.

In addition, Congress asked Apple to explain how the Apple-store “approved apps” work in relation to consumer privacy, including the phone books.  Apple said it is against their published rules for address books to be collected without user permission, but they have no explanation for why apps are doing this.

Apple plans to make sure apps that want to take your address book, have to send you a very targeted and specific notice that they are going to look at your contacts.  They did not commit as to when we would see this important privacy change.

Apple did say they caught and stopped Yelp, GoWalla, Hipster and Foodspotting from doing this in the past.

Google said that any apps that do this on their phones must ask your permission up front.  

Another place to be aware of this practice is the “Find Friends” feature that you see often on social media sites.  For example, if you use the Twitter app to “Find Friends” in your address book, they will store your information for up to 18 months.

A security developer tested out Foursquare and if you sign up via your phone, it grabs and sends your address book without notifying you.  Foursquare says they will change that and warn you in the future.

WHAT CAN YOU DO?
1.  When you get those warning pop ups, for example asking for location or access to your address book, think twice before you give the “ok”
2.  Any app that “helps” you by accessing your contacts - use at your own risk or just skip it altogether and be selective in who you add to that app and social network
3.  Speak up - when consumers speak up, the companies do take notice and make changes

WORD OF THE WEEK:
SUPERPHONE:  It’s predicted that the next generation of smart phones are going to be dubbed SUPERPHONES because they will include super features such as high def video, consistent 4G connections, and amazing speeds.

No comments:

Post a Comment