When WhatsApp, LinkedIn, Facebook etc access the iOS/OSX AddressBook, what do they get?

Discussion in 'iOS 9' started by hotpotato123, Aug 26, 2016.

  1. hotpotato123 macrumors member

    Joined:
    Sep 15, 2009
    #1
    I've been made aware that apps - such as Viber, WhatsApp, Facebook, LinkedIn etc download the entire Address Book. That's how they know who we are connected to.

    My question is, when they download my address book, what do they get? Just names and email addresses with telephone numbers -- or do they also get the NOTES section.

    It's just that, I'm sure, there are lots of people who are unaware of this risk, and put confidential information in the NOTES section.

    Hence, do these App companies even download the NOTES?
     
  2. C DM macrumors Westmere

    Joined:
    Oct 17, 2011
    #2
    Well, one thing to clarify there is that apps fist have to ask for permission to connect to something like contacts and the user has to approve that request in order for that to even happen.
     
  3. hotpotato123 thread starter macrumors member

    Joined:
    Sep 15, 2009
    #3
    Yes, do you read any of the EULA licences? I suspect most people blindly click OK so that they can use the Apps.

    It's sickening to think that they download even the Notes. What need do they have to access the Notes? Many users, perhaps unwittingly, put very confidential information in the Address Book Notes. The Apps don't need the Notes to operate their Apps, so this is blatant data harvesting.

    Apple should have made a way of Apps getting selective access to the Address Book, only getting those parts that are needed to operate the App, e.g. contacts names and email addresses.
     
  4. C DM macrumors Westmere

    Joined:
    Oct 17, 2011
    #4
    People are free to select what they want. In most cases it doesn't affect their use of the app/service.

    As for the notes part, it seems that you are asking about it, and yet also saying that it's how it works--then why the question if you seem to know how it works?
     
  5. Phil A. Moderator

    Phil A.

    Staff Member

    Joined:
    Apr 2, 2006
    Location:
    Shropshire, UK
    #5
    The notes field is available to apps you grant contacts access to, but whether individual apps read it or not is something only the developers would know

    if it's something that bothers you, either don't give access to contacts to third party apps or don't store confidential information in insecure locations
     
  6. DCIFRTHS macrumors 6502a

    DCIFRTHS

    Joined:
    Jan 25, 2008
    #6
    Just curious: What kind of private information would go in the Notes section? Things like birthdays, children, SS numbers or PIN numbers? Serious question - no sarcasm intended.
     
  7. hotpotato123 thread starter macrumors member

    Joined:
    Sep 15, 2009
    #7
    It's only recently that it dawned on me that the contents of the Address Book was being freely shared around, as a consequence of using popular Apps.

    There was a time I did not know -- and I think many simple users are in that state of being unaware.

    The notes section was at useful places to make notes about the particular person. e.g. credit card details, bank account details if payments were to be made to a friend, birth dates etc. Very serious information that pertained to that person, and I didn't realise all that could be divulged to third parties, simply by wanting to use popular Apps.

    Maybe for people who frequent a Mac forum, that's obvious, but there was a time I had no idea. And there's lots of people, who aren't computer savvy, who are unaware of what they're giving over when they simply want to use a popular App to communicate with their friends who use the same App.

    Of course, now, I've removed all that sort of info from my Notes -- but maybe it's too late.
     
  8. simon lefisch macrumors 6502a

    simon lefisch

    Joined:
    Sep 29, 2014
    #8
    Not saying you should do this, but your better off storing info like credit cards/etc in the Notes app since it can be secured by passcode/Touch ID and it is not accessed by the Contacts app. I would NEVER use the notes section of the Contacts app to store CC/bank account info.
     
  9. C DM macrumors Westmere

    Joined:
    Oct 17, 2011
    #9
    Apps have been asking for permission to access/use contacts, among other things on the device, for quite some time now. There really ain't something to not know as you are clearly prompted for permission and have to make a decision. Denying that permission generally didn't stop one from using many apps.
     
  10. JT2002TJ macrumors 6502a

    Joined:
    Nov 7, 2013
    #10
    I think those debating the original poster are missing the point. Granting access to contacts, should be a tiered approach, controlled by apple. Something like this:

    Grant access to Contacts (the rest are greyed out until this is on)
    Grant access to Names (default to off)
    Grant access to Phone (default to off)
    Grant access to Address (default to off)
    Grant access to Birthday (default to off)
    Grant access to Notes (default to off)

    This should be within each apps menu within settings. This should be the only way an app should be able to access contacts.

    It shouldn't simply be all or nothing, giving apps full access when allowed.
     
  11. DCIFRTHS macrumors 6502a

    DCIFRTHS

    Joined:
    Jan 25, 2008
    #11
    Ideally, this would be the way to go.
     
  12. C DM macrumors Westmere

    Joined:
    Oct 17, 2011
    #12
    While more options and controls would be a nice thing, in the overall sense, from a typical user side of things, something like that could be seen as somewhat of a more negative user experience where users are overwhelmed with more options and information than they typically would be willing to put up with (keyword there being typical).

    More as an observation and a sidenote than anything else, when it comes to this kind of thing on a platform like Android, which is known to be more customizable and configurable, placing much more into user's hands, something like this doesn't quite exist there either (as far as I recall), and, in fact, has actually been worse than that for quite a while where separate permissions for different things (like contacts, photos, microphone, etc.) couldn't even be granted/modified as all of them were bundled together and had to be granted at the time of app installation, otherwise an app couldn't even be installed.
     
  13. JT2002TJ macrumors 6502a

    Joined:
    Nov 7, 2013
    #13
    It was acceptable in the beginning. But when the iphone first came out, we (as a society) were not storing as much personal data in our phones. We now have reached a point where our phones contain more personal data about us, and our loved ones than anything else. It is time to put "negative user experience" after security of data. But, if you insist, default all the sub options to "on" and allow the user to shut off what is or isn't allowed.

    Shoot... start with making it a universal option were a user selects it once in the OS, and each app has the option to access information made available during this setting or not. This should hold app development/iOS development over until it can be made down to the app level.
     
  14. C DM macrumors Westmere

    Joined:
    Oct 17, 2011
    #14
    Like I mentioned, I personally agree with more controls pretty much for everything. But that doesn't quite seem to be the approach when it comes to typical users, especially in iOS that tries to simplify things (and it seems even in more customizable and open environment like Android). Perhaps/hopefully that will change at some point.
     
  15. KALLT macrumors 601

    Joined:
    Sep 23, 2008
    #15
  16. crashnburn macrumors 6502

    Joined:
    Nov 18, 2009
    #16

Share This Page