February 17, 2012
By Rob Waugh and Tamara Cohen
Twitter has admitted harvesting contact lists from its customers’ mobile phone address books without telling them.
The website said it copied lists of email addresses and phone numbers from those who used its smartphone application, amid claims it kept them on its database for 18 months.
Its management yesterday agreed to change guidance to users about what it does with their personal information, after a storm of protest from privacy campaigners in the U.S.
The breach occurs when users of the micro-blogging site click the ‘Find Friends’ option to see if any of their contacts are also on it.
Many of them did not know this meant the site then uploaded their entire address book and stored it afterwards.
Twitter spokesman Carolyn Penner said it would now offer users the option to ‘upload your address book’ or ‘import your contacts’ to make it clearer.
She said: ‘We want to be clear and transparent in our communications with users. Along those lines, in our next app updates, which are coming soon, we are updating the language associated with Find Friends – to be more explicit.’
The practice by a giant such as Twitter raises more concerns about the privacy implications posed by social networking sites which are used by an estimated 37 million Britons.
There is no suggestion the San Francisco-based firm was using the data – which it said was securely encrypted – for anything other than finding contacts for its customers.
But critics say the lack of ‘informed consent’ raises questions about other less reputable sites which could harvest details to sell on, or potentially leave customers open to identity fraud.
February 18th, 2010
By Declan McCallugh
When Christian Taylor stopped by the Sprint store in Daly City, Calif., last November, he was planning to buy around 30 BlackBerry handhelds.
But a Sprint employee on the lookout for fraud grew suspicious about the address and other details relating to Taylor’s company, “Hype Univercity,” and called the police. Taylor was arrested on charges of felony identity fraud , his car was impounded, and his iPhone was confiscated and searched by police without a warrant.
A San Mateo County judge is scheduled to hear testimony on Thursday morning in this case, which could set new ground rules for when police can conduct warrantless searches of iPhones, laptops, and similarly capacious electronic gadgets.
This is an important legal question that remains unresolved: as our gadgets store more and more information about us, including our appointments, correspondence, and personal photos and videos, what rules should police investigators be required to follow? The Obama administration and many local prosecutors’ answer is that warrantless searches are perfectly constitutional during arrests.
“There are very, very few cases involving smartphones,” Chris Feasel, deputy district attorney for San Mateo County, said in an interview on Wednesday. “The law has not necessarily caught up to the technology.”
Feasel said the county’s position is that a search of a handheld device that takes place soon after an arrest is lawful. “It’s an interesting issue that may decide the future of how courts handle these kinds of cases, especially smartphones and iPhones,” he said.
Attorneys for the Electronic Frontier Foundation, the San Francisco civil liberties group that’s representing Taylor, have asked the court to suppress any evidence obtained from the search of his iPhone. They say the search was “unconstitutional” because it was done without a warrant–and they say it also may have violated a 1986 federal law designed to protect the privacy of e-mail messages.
Privacy advocates say that long-standing legal rules allowing police to search suspects during an arrest–including looking through their wallets and pockets–should not apply to smartphones because the amount of material they store is so much greater and the risks of intrusive searches are so much higher. A 32GB iPhone 3GS, for instance, can hold approximately 220,000 copies of the unabridged text of Lewis Carroll’s Alice’s Adventures in Wonderland.
“Neither the search of (Taylor’s) vehicle nor the search of his iPhone was justified by any exception to the warrant requirement,” the EFF and its co-counsel, San Francisco attorney Randall Garteiser wrote in a brief filed earlier this month.
Sex photos drew federal lawsuit
Concerns about privacy are not merely hypothetical. In March 2008, Nathan Newhard was arrested on suspicion of drunken driving in Culpeper, Va., and his cell phone was seized. In the pictures folder of the cell phone were multiple pictures of Newhard and his then-girlfriend, Jessie Casella, nude in sexually compromising positions.
Newhard and Casella–at that point no longer a couple–filed separate civil rights lawsuits against Sgt. Matt Borders, who they said alerted the rest of the police department on the radio “that the private pictures were available for their viewing and enjoyment.” Newhard claimed that, as a result of the incident, he was nonrecommended for continued employment with the Culpeper school system, where he had worked before the arrest.
A federal judge in Virginia last year agreed that the police conduct was “irresponsible, unprofessional, and reprehensible” but said that Culpeper police officers could not be held legally responsible because they did not violate any clearly established constitutional rights. In addition, the court pointed out, the Fourth Circuit Court of Appeals had ruled that “officers may retrieve text messages and other information from cell phones and pagers seized incident to an arrest” to preserve evidence.
The problem for EFF and its co-counsel in the San Mateo County case is that, while the U.S. Supreme Court has not taken up the issue, a number of other courts have reached similar conclusions. In 2007, the Fifth Circuit concluded that police were permitted to conduct a warrantless search for call records and text messages during an arrest. So did the Seventh Circuit in a 1996 case dealing with information from numeric pagers (“It is imperative that law enforcement officers have the authority to immediately ‘search’ or retrieve, incident to a valid arrest, information from a pager in order to prevent its destruction as evidence.”)
July 30, 2009
Home Secretary Alan Johnson has unveiled the final design of the controversial national identity card.
The card will be offered to members of the public in the Greater Manchester area from the end of this year.
Ministers plan to launch the £30 biometric ID Card nationwide in 2011 or 2012 – but it will not be compulsory.
Opposition spokesmen said it was a “colossal waste of money” and civil liberty groups said it was “as costly to our pockets as to our privacy”.
Ministers say the card, which follows the launch of the foreign national ID card, will provide an easy way of safely proving identity.
They say this system, backed up by a national identity register, will help combat identity fraud, crime and terrorism.
The card is very similar in look to a UK driving licence but holds more data, including two fingerprints and a photograph encoded on a chip.
This chip and its unique number in turn links the card to a national identity register which, under current legislation, could hold more information about the identity of the individual.
If the scheme goes ahead, the card could be used as a travel document within Europe, separate to the passport, similar to arrangements between other EU member states.
Like the UK passport, the front of the card displays the royal crest as well as the thistle, the rose, the shamrock and the daffodil to represent the four parts of the UK.
The Home Office denied the union jack had been left off the card for fear of antagonising Northern Ireland’s nationalist community. A spokeswoman said the card was based on the British passport, which did not have a flag on it.