Twitter under fire for privacy blunder

Twitter has admitted to storing email addresses and phone numbers from its mobile users' address books, raising the ire of privacy advocates and forcing the messaging service to rework its iPhone and Android apps. The logs – which could be stored for up to 18 months – are used to identify contacts also using Twitter, the social network told the LATimes, both at the point where users choose "Scan your Contacts" and in the subsequent weeks and months of you using the app.

Twitter's apps warned that its systems would use the address book to "customize your account with information such as a cellphone number for the delivery of SMS messages or your address book so that we can help you find Twitter users you know" but the notification was buried in the privacy policy. That same policy confirms that some details are stored for up to 18 months.

The company now plans to push out new versions of its apps which change the terminology used, in the hope that it makes it more obvious that the Find Friends tool actually uploads your address book:

"We want to be clear and transparent in our communications with users. Along those lines, in our next app updates, which are coming soon, we are updating the language associated with Find Friends — to be more explicit. In place of 'Scan your contacts,' we will use "Upload your contacts" and "Import your contacts" (in Twitter for iPhone and Twitter for Android, respectively)" Carolyn Penner, spokesperson, Twitter

Meanwhile, there's an option to remove all contacts uploaded to Twitter on the company's site:

Nonetheless, Twitter's app behaviors have already drawn attention from privacy watchdogs, with Privacy International launching a campaign to encourage users to find out exactly what personal data the social network has stored on them. The organization gives step-by-step instructions for EU users to contact Twitter for a full disclosure under the Data Protection Act.

Twitter isn't the first company in recent weeks to have its privacy policies examined. Path was forced to apologize and release a new version of its app after it was found to upload users' contacts without notifying them. Apple has since announced a new data collection policy which could, when implemented, impact thousands of existing apps.