That’s one fundamental question raised by the recent revelations that many popular online services and mobile apps have been storing personal address books on their servers without users knowing what was going on.
It started with the controversy over the Path journal service. That was followed by reports that other major web brands, including Twitter, are engaged in similar practices — storing contact information for extended periods after using the data to help us find our friends on their services.
Today the House Committee on Energy and Commerce sent a letter to Apple CEO Tim Cook (PDF), asking for answers to a series of questions about the issue.
Apple responded to the dustup today by promising to crack down on the practice.
Apple spokesman Tom Neumayr told AllThingsD: “Apps that collect or transmit a user’s contact data without their prior permission are in violation of our guidelines. We’re working to make this even better for our customers, and as we have done with location services, any app wishing to access contact data will require explicit user approval in a future software release.”
Asking for permission is important, but consent is only part of the picture. A natural next step would be getting companies to actively disclose and limit the amount of time they store the data.
Eighteen months, just as an example, seems much longer than necessary.