Privacy dilemma for developers: Apple to the rescue?
Livingston said it took Kik "just a few days" to modify the app to be more transparent. Not only did new alerts tell users that their address book would be uploaded, but a secondary confirmation, if you opted out, reminded them that the whole point of the app was to make connections. "Are you sure?" the pop-up asks. "You will have to add each of your friends manually."Other companies use hashing or encryption to protect address book privacy. Localmind CEO Lenny Rachitsky,for example (see Localmind gooses location-advice service) told me that "We hashed all address book data and sent it over SSL." So not only were users' address books not human-readable on the Localmind servers, but the transmission of the data was encrypted on the way there. You are not your userThe challenge for developers is to recognize that data that one person doesn't care about may be of life-or-death import to another. That's why being deliberate when it comes to data practices is a good idea. But deliberation slows you down.And that's why the platform companies, like Apple, Google, and Facebook, have to moderate developers eager to have their app suck up data first, and ask questions later. This has already happened with location data to a much greater extent than it does with address data. And Google, at least, does block Android apps from accessing address books without user permission. Facebook provides social matching as a service to developers who use that social network--so Facebook-reliant apps don't actually get the address books.Apple has been behind in this. It relied on policy to protect address books. That policy, clearly, has failed. And it failed a long time ago.
