18 companies including Facebook, Apple, and Twitter are being sued by mobile phone users in Texas. The lawsuit claims that mobile phone applications created by the companies breach privacy by collecting personal data without the phone owner’s permission. The data – typically the user’s address book – is then transmitted by the apps to the developers. Some of the worst apps are accused of transmitting this data over open (unencrypted) connections.
Apple’s policy for app developers forbids the practice of surreptitiously collecting such data – Apple has not explained how apps using these techniques managed to escape its notice during the approval process.
In the US, the use of customer data online is governed by the the Federal Trade Commission. In the UK, the Data Protection Act (DPA) governs the collection and use of personal data.