[LINK] 'Apple Lets Developers Steal Your Address Book'

Roger Clarke Roger.Clarke at xamax.com.au
Thu Feb 9 13:57:31 AEDT 2012

Apple's Failure Lets Developers Steal Your Address Book

FEB 8, 2012 7:27 PM [But who knows what time-zone??]
[Okay, +1 832 seems to be Austin TX, so UT-6?]

This post originally appeared on Dustin Curtis' weblog at:

[And I got wind of it through Lauren Weinstein's list]

It's not really a secret, per se, but there's a quiet understanding 
among many iOS app developers that it is acceptable to send a user's 
entire address book, without their permission, to remote servers and 
then store it for future reference. It's common practice, and many 
companies likely have your address book stored in their database. 
Obviously, there are lots of awesome things apps can do with this 
data to vastly improve user experience. But it is also a breach of 
trust and an invasion of privacy.

I did a quick survey of 15 developers of popular iOS apps, and 13 of 
them told me they have a contacts database with millons of records.

One company's database has Mark Zuckerberg's cell phone number, Larry 
Ellison's home phone number and Bill Gates' cell phone number. This 
data is not meant to be public, and people have an expectation of 
privacy with respect to their contacts.

There are two major questions to ask about this behavior:

First, why does Apple allow iOS apps to access a user's entire 
address book, at any time, without permission? Even Android requires 
that apps ask for explicit permission to access local contacts. On 
iOS, every other seemingly private local data source, like location 
and the camera roll, have strong protections; apps can't even see 
photos in the Camera Roll unless the user explicitly selects them 
from the image picker. There is a huge section of the Settings app 
dedicated to giving people fine control over which apps have access 
to location information. That Apple provides no protections on the 
Address Book is, at best, perplexing.

Second, why do app developers, who know of the potential public 
backlash if this behavior were publicized (that's why they keep it 
quiet), continue to upload user address books to their servers? I 
think this question is easier to answer. Any app is an investment, 
and, like any investment, there are three outcomes - success, 
failure, and mediocrity. The only one that matters on a market like 
the App Store is success, so fledgling app developers do everything 
they can to increase their chances. Because Apple provides extremely 
easy access to address book data, the pro - that is, using the data 
to improve user experience, increase virality and growth, etc. - 
outweighs the con. To stay on equal footing, larger apps, like Yelp, 
Facebook, and Foursquare, have to follow along. From a design 
perspective, it is a concession of user growth at the expense of user 

Yesterday, it was revealed that the private social network app Path 
practices this behavior. People were outraged. Today, CEO Dave Morin 
apologized on the Path blog:

"Through the feedback we've received from all of you, we now 
understand that the way we had designed our 'Add Friends' feature was 
wrong. We are deeply sorry if you were uncomfortable with how our 
application used your phone contacts.

"There was similar outrage last year, when Kik was outed. But, after 
a while, things calmed down. Kik never conceded. Developers continued 
to stay quiet. Users forgot about it entirely".

Apple's Failure

I fully believe this issue is a failure of Apple and a breach of 
trust by Apple, not by app developers. The expectation of Address 
Book privacy is obvious; in fact, one person on Hacker News, in 
response to learning about Path's use of the data, said, "Apple would 
never do this to their users." Because Apple has your trust and yet 
gives this private information freely to developers, Apple does do 
this to their users. All of them.

Usually, when I am curious about something Apple has done, I try to 
understand the design thinking that went into the decision. In this 
case, I can't think of a rational reason for why Apple has not placed 
any protections on Address Book in iOS. It makes no sense. It is a 
breach of my privacy, and it has allowed every app I've installed to 
steal my address book.

Roger Clarke                                 http://www.rogerclarke.com/
Xamax Consultancy Pty Ltd      78 Sidaway St, Chapman ACT 2611 AUSTRALIA
                    Tel: +61 2 6288 1472, and 6288 6916
mailto:Roger.Clarke at xamax.com.au                http://www.xamax.com.au/

Visiting Professor in the Faculty of Law               University of NSW
Visiting Professor in Computer Science    Australian National University

More information about the Link mailing list