Facebook’s Enhanced Data Archive Now Lists Cell Phone Numbers Stored
With Facebook’s May 2012 Enhanced Data Archive Release, there is finally publicly available evidence to consumers that Facebook is copying cell phone numbers and email addresses from your perceived private and confidential iPhone Contacts and storing them. We downloaded our Enhanced Data Archive and noticed a new category “Address Book”. In our Address Book, we found a random and chilling list of business contacts and friends. The individuals that made our list were those that were not our Facebook Friends. It appears that after installing the Facebook App on our iPhone, Facebook is copying our Contact list and storing a random list of personal and business cell phone numbers and email addresses entered into our Apple iPhone Contacts for their “People You May Know”, “Find Friends” or “Suggested Friends” feature.
Like other Apple iPhone Users with the Facebook Application installed, we don’t remember giving Facebook permission to access and “store” potentially confidential phone numbers and email addresses in our cell phone. In February 2012, Dustin Curtis wrote in his blog, “It’s not really a secret, per se, but there’s a quiet understanding among many iOS app developers that it is acceptable to send a user’s entire address book, without their permission, to remote servers and then store it for future reference.” Curtis reports that iOS Developers admit to having Contact Databases with millions of records, some that include Mark Zuckerberg, Bill Gates and Larry Ellison.
We downloaded our Enhanced Data Archive and found the following screen. There was a list of contacts in our address book with a Contact Names. These names were an exact copy of cell phone numbers and email addresses from our iPhone. It was not our complete iPhone address book. The Contact Names and Numbers have been redacted, but you get the point.
The Online Privacy Issues
- Apple iPhone – Apple shouldn’t allow default access to a users’s private and confidential contact list without their opt-in permission. The consumer rightfully thinks and deserves that their cell phone contact list is private and confidential.
- Facebook Address Book Removal Feature — Sure Facebook is now disclosing in their Enhanced Data Archive your information they are storing. Now they need a feature to remove this “private and confidential” information. Without that, the only consumer option is to delete your Facebook Account? And even if you delete your Facebook account, does that mean that they will be deleting your information from their servers. Twitter currently provides this a feature to remove the contact list from their servers.
- Cell Phone Number Privacy – Facebook should not be storing copies of their user’s private and confidential phone numbers on their servers. As a industry leader and now public company, even after discovering Apple intentional or unintentional exposing of this personal information, why would they take the next step and save this information.
Finally, it’s apparent that Facebook’s position would be that they are just trying to make make their “People You May Know” feature more relevant. But “downloading” and “storing” the personal cell phone number of say the President of the United States from his doctor or personal friend that happens to have the Facebook App installed on his phone in our opinion is morally and ethically wrong. It’s not only time for Apple to fix this mobile security bug but for Facebook and other companies to re-think their core privacy business practices.
References
www.dcurtis.is – Dustin Curtis
TheNextWeb.com
Huffington Post
[…] The Facebook Enhanced Data Archive contained a new Address Book feature that contained Contact Names, Cell Phone Numbers and Email Addresses from our Apple iPhone. Click Here – Is Facebook Stealing Your iPhone Contacts? […]