by Larry Magid
OK, I’m going to say it — mobile phone apps are scary. Sure, they do a lot of very cool things, but when it comes to violating personal privacy, I’m afraid to say “there’s an app for that.”
This reality became incredibly clear a couple of weeks ago when it was revealed that a popular social networking app called Path was routinely uploading users’ address books to the company’s servers without informing the user or asking permission. Path quickly acknowledged the practice, apologized and issued a new version that asks for permission before uploading user data.
It’s impossible for me to know for sure whether forgetting to ask the user’s permission was an oversight or deliberate, and I question whether issuing an apology and fixing the problem after the fact is an adequate remedy. We don’t let bank robbers off the hook if they apologize for the crime and promise never to do it again. Should we afford that leniency to companies who steal our personal information?
Path isn’t the only company to upload user address book data, but most — including Facebook and Twitter — tell users in advance or give them a chance to opt in or out.
What scares me about mobile apps is that they’re kind of a black box. We install them, giving them all sorts of permissions, yet we have no way of peering under their hoods to see what they’re doing.
I’m not trying to spread paranoia. I really do believe that most companies try to play by the rules, but with more than 500,000 iOS (iPhone and iPad) apps and nearly 400,000 Android apps, it’s hard not to imagine that a few companies are going to be fast and loose with the rules. Even reputable companies can slip up, be hacked or otherwise leak our personal data.
I’m not suggesting we go backward, but there are some things you can do to protect yourself. For one, it’s a good idea to read reviews and ratings for any app you want to download. When you install an app, pay close attention to the permissions it asks you to give it. If it asks to know your location, make sure there is a good reason for it. If it lets you share that information with others, be careful who you’re sharing with and review it periodically to make sure that the friend is still a friend.
Finally, don’t forget to lock your phone.