People using the iPhone Facebook app could unknowingly be sharing their number, their friend's numbers and their friend's friend's numbers thanks to a syncing feature.
Facebook's "Contact Sync" feature synchronises your friends' Facebook profile pictures with the contacts in your phone, but instead of keeping them safely on your handset it imports all the names and phone numbers you have on your phone, uploads them to Facebook's Phonebook app and lets you and your mates view everyone's details. It's taking data from your handset.
As The Guardian's Charles Arthur points out: "The implications are huge, and extremely worrying. All it takes is for someone's Facebook account to be hacked (perhaps via their phone being stolen) and lots of personal details are revealed."
According to The Guardian, a bloke called Kurt von Moos wrote up his privacy concerns this year. He says that there are a number of reasons to be concerned.
Firstly, Facebook doesn't warn users that they are uploading their phone's address book to Facebook.
As Facebook doesn't sync contact numbers or email addresses to phones, most users wrongly assume that Facebook Contact Sync only syncs user pictures. In reality though, they are flashing your address book, without your consent.
Facebook says you can remove your mobile contacts, but it's not clear that that will remove your mobile if someone else uploads it.
On the Facebook Phonebook page it says: "If you would like to remove your mobile contacts from Facebook, you need to disable the feature on your mobile phone and visit this page."
However, when we had a go, the page said "Please try again later".
I've always said that if you put something on-line be it your IM username or house address, then you should presume that the data will be public, no matter what the services preaches. But reaching into your phone and copying information without asking, that's a whole different game.
Your article is misleading.
http://caiustheory.com/facebook-iphone-app-contact-sync-isnt-automatic
"a BLOKE called Kurt von Moos"
"when we had a go"
What is this? The Daily Mirror? (or maybe The Star?)
Thanks for updating the article and removing the line saying it happened automatically. You're still wrong in saying it doesn't warn the user that it's uploading data, and that it's uploading address book information without telling the user.
The confirmation message it puts up that you HAVE to agree to for the upload to happen says quite clearly "all contacts from your device (name, email address, phone number) will be sent to Facebook". There's a screenshot of it in my post I linked previously.
If that's not being clear that it's uploading data, and what data it is uploading, then I'm not sure what you want to happen. Big red flashing text to accompany it perhaps?