Application Privacy Over-Reach

The amount of attempted privacy over-reach in mobile apps is approaching appalling. The number of mobile applications either out of the box or via subsequent updates that require the privilege to access (and in some cases upload) your contacts from your device is growing. In most cases it seems the same reason is given for this invasive action: it is for *your* convenience. Meh. It is unnecessary, plain and simple. Twitter, Facebook, Foursquare, Yelp, Linkedin, Path, Gowalla and others all do this – with or without your permission or knowledge. I mean, why would an application that is supposed to serve as a remote control for you TV need access to you contacts?

Second to the contacts grab is the gratuitous need to have fine grained location information for no apparent reason. For example, why would an application that identifies music need your fine location to work? What does that have to do with music recognition? It seems to be just collecting data for the sake of collecting it.

It is beginning to get even more obnoxious. Some web-based services are not allowing users to create their own username and passwords. Rather they try to force you to log in using your Twitter or Facebook accounts. And with few exceptions they require access to your contacts and other inappropriate information. Some applications (typically browser) are taking this approach. This is even more heinous as now not only do they have your contact information they have a record of every site you visit and every keystroke that you type into every site that you visit. Think about that before you run something like RockMelt.

Be aware of what permissions sites and applications ‘require’ and don’t be afraid to say no. After all, it is your data that is being given away. And once it is gone, chances are you’ll never get it back or get it deleted.