Twitter Caught Storing Users' Phone Contacts For 18 Months (Or More)

Social Media

Share this Post

Is it even surprising anymore to find out that social media companies have been covertly plumbing personal information from users? Maybe it's because I've become so acclimated to having a minimum level of privacy in this age of the social network-powered Matrix. Maybe it's because nearly every Internet company is doing it. At this point, every time I hear a story about a website discreetly storing personal information, I just wanna shrug and say, "And?"

Last week it was Path and this week it appears to be Twitter's turn in the barrel. The LA Times confirmed that whenever a user of the site's native mobile app clicks on the "Find Friends" option, thus permitting the app to access the user's personal contacts stored in the phone in order to locate people on Twitter that the user might know, the company not only downloads all of the info from the user's address book but also stores the data for 18 months. The section of the nefarious info-sopping feature is found under the Discover tab.

A spokesperson told the LA Times that Twitter is planning to revise the muddy language that is used with the policy described in the mobile app.

"We want to be clear and transparent in our communications with users," Penner wrote in an email. "Along those lines, in our next app updates, which are coming soon, we are updating the language associated with Find Friends -- to be more explicit. In place of 'Scan your contacts,' we will use "Upload your contacts" and "Import your contacts" (in Twitter for iPhone and Twitter for Android, respectively).

Penner also noted that Twitter users can have the service remove their contact databases using the "remove" link on this Twitter webpage.

In the current version of the app's Privacy Policy, which hasn't been updated since June 23, 2011, it does actually say something about retaining users' data for 18 months - it just isn't really clear about what information it's sucking out of your phone. See the section below that obtusely describes what they're using. Additionally, what happens at the end of that 18 months? I've been using Twitter's app for longer than that yet I imagine Twitter's still storing my info in some capacity. In other words, the 18 months limitation is arbitrary. For as meaningful as that amount of time is, they might as well have said they will only store it for a gazillion tyranno-seconds.

Since the language doesn't explicitly state what exactly Twitter defines as "log data," it does impress a rather sleazy quality on Twitter. For what it's worth, however, users can go to Twitter's webpage and remove their contacts from Twitter's database anytime. But if people were unaware that Twitter was mining personal contact info from their phones, I'd wager even fewer people knew that deleting their data was an option.

While Twitter must revise their policy to specify what data they're combing from app users, remember that this is the modus operandi of social networking sites. Google, Facebook, Twitter - it doesn't matter. This is how they do business. And even if Twitter had been explicit about what data they were collecting and what exactly they were doing with it from day one, would that have deterred anybody from using the app? How many people actually pour over the Privacy Policies of services like this and then make an informed decision on whether or not to use the app? Given the infrequency that most people read that stuff, we're all probably extraordinarily lucky that we haven't ended up as a segment in a HumancentiPad.

I will end this article the same way I began it: why is anybody still surprised about these types of revelations?