AppStore vendors are culpable for Facebook sucking your text messages.

ReadWriteWeb’s recent coverage1 of the discovery that the ever-hungry and privacy-destroying Facebook has been reading text messages from the smartphone devices of users deploying its mobile application is interesting, not least because the outcry seems to be finger-pointing at Facebook… because Facebook is ever-hungry and privacy-destroying.

This finger-pointing sidesteps a core issue about the governance and quality-control arrangements for the app-store ecosystems.

In the case of Apple, the app-store ecosystem is much more closed than open, and applications are subjected to some level of scrutiny through Apple’s eyes of what is and what is not fit for deployment to millions of customers carrying iOS devices. Applications are denied entry into Apple’s walled garden through selectively-appled architecture rules such as “we don’t approve of that authentication technique” or “that application might be useful, but it’s too much like a web clipper, so it’s not allowed in here”.

Nothing really obvious steps out of Apple’s iTunes Terms and Conditions2 that any reasonable person might be able to interpret as signalling their consent to having applications accessing their text messages or their address books or their email or intercepting their telephone calls. The closest thing seems to be:

  • Consent to Use of Data: You agree that Licensor may collect and use technical data and related information—including but not limited to technical information about your device, system and application software, and peripherals—that is gathered periodically to facilitate the provision of software updates, product support, and other services to you (if any) related to the Licensed Application. Licensor may use this information, as long as it is in a form that does not personally identify you, to improve its products or to provide services or technologies to you.

With something like the Facebook application deployed across literally millions of devices, it’s unthinkable that the scraping of text-messages from user’s devices comes as surprise either to Facebook or to Apple, or Android, or Microsoft — it’s unclear from the press coverage to date which devices and operating-systems the text-message reading applies to.

Where exceptional access to private information is being taken by an application (and it cannot be hard to scan the code to discover that access through calls to methods like getAllTheTextMessages or interceptThePhoneCall) the app-store owners must be forced to do a better job of allowing end-users to make the release-or-not decisions for themselves.

It’s also, sadly, not something that comes as any surprise to the users of these applications who are the saleable meat-product of these social-computing mega-vendors.

  1. ReadWriteWeb story about the Facebook mobile application accessing text messages on smartphones: http://www.readwriteweb.com/archives/report_facebook_read_users_text_messages.php
  2. Apple iTunes terms and conditions: http://www.apple.com/legal/itunes/us/terms.html#APPS
Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s