iPhone game developer sued for farming phone numbers
By Will Park on Friday, November 6th, 2009 at 4:34 PM PST In Announcements, Apple, Legal, iPhone OS
iPhone gaming can be hazardous to your privacy, apparently. A security hole in the iPhone OS allows someone with the right know-how to design an iPhone app to secretly learn an iPhone’s phone number. The problem is serious enough that iPhone game developer Storm8, creators of Vampires Live and iMobsters, has been hit with a class action lawsuit for allegedly collecting the phone numbers of iPhone gamers without their knowledge or consent.
The lawsuit, filed in San Francisco on behalf of Washington State resident Michael Turner, claims that Storm8 included “malicious software code” for gathering phone number data into the company’s iPhone games. “Storm8 has written the software for all its games in such a way that it automatically accesses, collects, and transmits the wireless telephone number of each iPhone user who downloads any Storm8 game,” alleges the suit.
In its defense, Storm8 acknowledged back in August that it was getting phone number data from its iPhone games. The company claims a “bug” was to blame.
What’s interesting here is that Apple (NSDQ: AAPL) didn’t catch the supposed “bug” before approving the game for the AppStore. Apple’s getting really good at rejecting iPhone apps that don’t fit into the company’s narrow view of acceptable content, but it seems they still need to work on the basics – like rejecting potential spyware.
Should Apple be held accountable for letting an iPhone app embedded with “malicious software code” onto the AppStore? Should Apple pull the app on grounds that it’s collecting iPhone users’ phone numbers? We’d like to hear what you think in the comments below.
[Via: boingboing]
This isn’t a security hole for goodness sake. Of course apps can access the contacts details on the iPhone.
How do you think it’s possible for apps to do all the useful things that they do like integrating with the address book for interesting social functionality etc.
The problem here was that the app developer then abused this privilege and started phoning up the users. It’s an issue with the dweller not with the iPhone. *sheesh*
-Mart
Oops that should have read “developer” not “dweller”.
Apple should be held liable, since they have set a precident in the past of controlling the applications they allow in the store.
Mart,
As you just said, the purpose is to allow this which enables the integration with social functionality, etc. The problem here is that it does not follow this model. Instead, it no longer uses the data from your phone to enhance said phone’s experiance. What it does is, without your permission, accesses your data, makes a connection to the software vendor, transfers your data off of your phone, places copies of your data in software vendors data center, who then could do whatever with it. Big difference from adding facebook pictures to your contact list… idiot.
:p