go-Digital Blog on Digital Marketing

This New California Mobile Privacy Deal Is Absolutely BRILLIANT (GOOG)

Source: http://www.businessinsider.com/this-new-california-mobile-privacy-deal-is-absolutely-brilliant-2012-2

If you live in California, you’re soon going to have a chance to read a privacy policy for every single app you download onto your mobile phone.

That’s thanks to a “Global Agreement” signed by California Attorney General Kamala Harris and six big companies in the mobile space: Google, Apple, RIM, Microsoft, Palm, and Amazon.

Just one question.

Who reads privacy policies?

You probably don’t. Just like you don’t read the terms and conditions when you download and install software, or sign up for an online email account, or rip the tag off a new mattress.

But!

The 1% of you who do read privacy policies are probably the exact same 1% who are losing sleep because information from your iPhone address book was secretly being uploaded to the servers of Path and some other app makers.

So the Attorney General and the six companies win for looking aware and concerned about online privacy, and the privacy zealots get to rest a little easier before going off on their next crusade. (Probably against Google.)

Plus, apps makers now all have to hire lawyers to write up these privacy policies and interns to put the policies online and build links to them in their apps. Which increases employment!

Wins all around. Well done.

See also: THE TRUTH ABOUT ONLINE PRIVACY: Who Cares?

Please follow SAI on Twitter and Facebook.

Join the conversation about this story »

See Also:

• Your iPad (Still) Comes From The Hands Of Teenagers Living A Factory Life
• Microsoft Ups Its Legal War Against Google With A New Attack
• The Truth About That Microsoft Office On The iPad Story

Caterina Fake, who previously cofounded Flickr and Hunch, has launched a new startup called Pinwheel, which lets you leave vitrtual notes around the world.

She announced the launch on her personal blog earlier today.

Enter the Internet of things, where you can choose to follow people, places or things. The notes you leave can be private, or you can share them with everything and everybody. 

The possibilities seem endless.

For instance, Fake shared a note she wrote for her friend Lauren:

Perhaps this would be a more useful note when you’re roaming around town: “Find me a Nearby Toilet NOW.” 

That seems to be coming soon: Fake wrote on her blog that she plans on building out a notification system so you can get pinged when someone you follow sends out a note.

We knew last year that True Ventures, SV Angel and her fund, Founder Collective, invested.

As far as making money, Fake is betting on selling sponsored notes.

The site is still in private beta — you can sign up here for an invite to try out the web and mobile app. The iOS version is coming up next.

Please follow SAI on Twitter and Facebook.

Join the conversation about this story »

See Also:

• How To Marry Your Cofounder And Not Kill Your $200 Million Startup In The Process
• Inside OkCupid Labs: The Modern Matchmakers Of Silicon Valley
• Why Gay Guys Love Using Grindr To Hook Up And Make Friends

Apple allows any app to access your address book at any time—it’s built into the iPhone’s core software. The idea is to make using these apps more seamless and magical, in that you won’t have dialog boxes popping up in your face all the time, the way Apple zealously guards your location permissions at an OS level—because fewer clicks mean a more graceful experience, right? Maybe, but the consequence is privacy shivved and consent nullified. Your phone makes decisions about what’s okay to share with a company, whose motivation is, ultimately, making money, without consulting you first.

Once you peel back that pretty skin of your phone and observe the software at work—we used a proxy application called Charles—watching the data that jumps between your phone and a remote server is plain. A little too plain. What can we see?

As Paul Haddad, the developer behind the popular Twitter client TapBot pointed out to me, some of App Store’s shiniest celebrities are among those that beam away your contact list in order to make hooking up with other friends who use the app smoother. From Haddad’s own findings:

Foursquare (Email, Phone Numbers no warning)
Path (Pretty much everything after warning)
Instagram (Email, Phone Numbers, First, Last warning)
Facebook (Email, Phone Numbers, First, Last warning)
Twitter for iOS (Email, Phone Numbers, warning)
Voxer (Email, First, Last, Phone numbers, warning)

Foursquare and Instagram have both recently updated to provide a much clearer warning of what you’re about to share. Which every single app should follow, providing clear warnings before they touch your contacts. But plenty of apps aren’t so generous. “A lot of other popular social networking apps send some data,” says Haddad, “mostly names, emails, phone numbers.” Instapaper, for example, transmits your address book’s email listings when you ask it to “search contacts” to connect with other friends using the app. The app never makes it clear that my data (shown up top) is leaving the phone—and once it’s out of your hands and in Instagram’s, all you can do is trust that it’ll be handled responsibly. You know, like not be stored permanently without your knowledge.

Trust is all we’ve got, and that’s not good. “Once the data is out of your device there’s no way to tell what happens to it,” explains Haddad. Companies might do the decent thing and delete your data immediately. Like Foursquare, which says it doesn’t store your data at all after matching your friends, and never has. Twitter keeps your address book data for 18 months “to make it easy for you and your contacts to discover each other on Twitter after you’ve signed up,” but can delete the data at any time with a link at the bottom of this page. Or a company might do the Path thing, storing that information indefinitely until they’re publicly shamed into doing otherwise. Or worse.

We need a solution, and goodwill on the part of app devs is going to cut it. All the ARE YOU SURE YOU WANT TO DO THIS? dialog boxes in the world won’t absolve Apple’s decision to hand out our address books on a pearly platter. iOS is the biggest threat to iOS—and nothing short of a major revision to the way Apple allows apps to run through your contacts should be acceptable. But is that even enough? Maybe not.

Jay Freeman, developer behind the massively popular jailbroken-iPhone program Cydia, doesn’t think Apple’s hand is enough to definitively state who gets your address book, and when:

“Neither Apple nor the application developer is in a good position to decide that ahead of time, and due to this neither Apple’s model of ‘any app can access the address book, no app can access your recent calls’, nor Google’s method of ‘developer claims they need X, take it or leave it’ is sufficient.”

Freeman’s solution? Cydia’s “one-off modifications to the underlying operating system” that we deal in, nicely transfers this control back to the user.” In other words, we can’t trust Apple or the people that make apps—so let’s just trust ourselves to control how iOS works.

Freeman left us with one, final, disquieting note. Shrewd devs and others with the knowhow have been able to dig through app traffic to find out of they’re shoveling around your address book. But there’s no easy way to do this—and if a dev really wants to sneak your data through the door, there’s technically nothing we can do to stop him: “There are tons of complex tricks that can be used to smuggle both information in network traffic and computation itself.” It’s a problem fundamental to computer science—once the data’s in a dev’s hands, he can conjure it away, too small to be noticed by App Store oversight in churning sea of other apps.

Unless Apple keeps him from getting that information in the first place by letting us all make informed decisions with our phone and the private life poured into it. Your move, iOS.

Photo: Motorolka/Shutterstock

Tags: address, address book, app, apple, application, Book, Celebrities, churnin, computation, computer, consequence, contact list, control, core software, Cydia, decisions, dev, Developer, dialog boxes, door, google, haddad, hand, information, iOS, iPhone, iphones, knowhow, last warning, mdash, method, model, motivation, network, note, nothing, os level, oversight, phone, phone numbers, position, private servers, problem, program, proxy application, remote server, Science, shivved, Shrewd, solution, store, system, time, traffic, trust, twitter, user, way