'App-gate' serves reminder: You're on your own

If you like Kabuki theater, the latest stylized drama involving Silicon Valley and Washington must be amusing.

Congress finally woke up to demand answers from Apple about user privacy. Apple dutifully blamed rogue app makers for ignoring development guidelines and collecting user contact data. And so it goes.

In the middle are users, rightly wondering whether anyone has their interests at heart or just sees them as suckers to exploit periodically (for money or their votes.) Seems that we're never too far removed from the next privacy boondoggle, where Company X, Y, or Z will always manage to cross a red line before begging forgiveness. It's entirely coincidental, but today marks 20 years to the day when Kevin Mitnick's arrest brought mainstream attention to computer privacy and security. Though the names and the technologies change, we're still talking about this stuff a couple of decades later. With only makeshift solutions to show for it.

The latest privacy flap centers on certain smartphone apps written for Apple's iOS that were found to collect user contact lists without first getting permission. Even if this doesn't turn out to be as widespread, it's still a black eye for the developers and the company that hosted their products on its app store. Dave Zohrob, a developer who has created dozens of apps, notes that many developers are currently accessing address book data without consumers knowing. In 99 percent of the cases, he says, the users won't ever know.

"You don't know that they're doing it, and you have no idea what they might do with your contacts' information," he says.

The assumption is that they won't do anything bad with your information. My colleague Rafe Needleman recounts how the Kik instant messaging app initially absorbed address books because it seemed like a cool feature of the app. After some users complained, the company reworked the app. That's an important point. These are social apps and the idea is to make them as social as possible. If you don't give Kik permission to absorb your address book, you'll have to enter all that information manually. It's a trade-off.

But users ought to make that decision, especially given the potential for mischief. It's your data and someone might be tempted to do shady things with the phone numbers and e-mail and physical addresses of your family and friends. It's not as if servers never get hacked.

Now the hired help in Washington want in on the action. They take enough money from Silicon Valley; in return, the least they can do is come up with sensible rules of the road to spell out the rules of the road for folks who just don't get it on their own. Based upon the coming attractions, this is shaping up to be another photo-op. Can't wait to see it.

Until all this gets figured out, how many of you would trust any of them. The message to users is plain enough: You're on your own for the time being.