TWITTER HAS promised to make changes to its privacy policies after admitting to uploading entire address books from users’ iPhones and storing them on its computers for up 18 months.
The social network uses the information to help users find existing contacts who already have a Twitter account.
It is the latest internet company revealed to have been copying and storing entire address books from smartphones to provide a “Find Friends” service.
Last week Arun Thampi, a programmer in Singapore, revealed that Path, a social network app created by a former Facebook engineer, was copying address-book data from users’ iPhones without notifying them.
Mr Thampi’s blog post about the practice received worldwide attention, with the result that programmers and privacy advocates began checking to see if other popular apps also uploaded user data without user permission.
Other popular apps – including Yelp, Foursquare, Foodspotting and Instagram – were found to be uploading user data without making it clear they were doing so.
The issue attracted attention from the US Congress. Two members of the subcommittee on commerce, manufacturing and trade have written to Apple chief executive Tim Cook seeking further information on its privacy guidelines for apps. The letter makes reference to one appmaker who claims to have a database including “Mark Zuckerberg’s cell phone number, Larry Ellison’s home phone number and Bill Gates’s cell phone number”.
Apple has responded by saying that in future any app accessing contact information will need explicit approval from the user.
An Apple spokesman said that “Apps that collect or transmit a user’s contact data without their prior permission are in violation of our guidelines”.
Several software developers have said that existing techniques could have been used to provide the same service much more securely.
"There are well established secure hashing algorithms that can be used by social networks to correlate users without storing their actual email addresses," said Walter Higgins, founder of online photograph editing tool Pixenate.com.
Hashing would have converted emails, phone numbers and names into unique but anonymous strings of information that could have been used for matching purposes.
Twitter has said it will change the language associated with its Find Friends feature, according to a spokeswoman.
Rather than “scan your contacts” it will use the phrase “upload your contacts”.
Facebook, the social network used by one million Irish people a day, has made changes to its privacy policies and practices following an extensive audit by the Data Protection Commissioner.