A Wall Street Journal examination in 2010 of 101 popular apps for iPhone and Android phones showed at the time that 56 apps transmitted that device's ID to third parties without the user's knowledge or consent. Forty-seven of the apps sent the phone's location. Five sent age, gender and other personal details. Forty-five of the apps didn't provide privacy policies on their websites or inside the apps.
"The mobile space is just like the Web in the first 10 years or so: It's the wild, wild West where there are a bunch of privacy problems and there is a lack of controls," independent privacy researcher Ashkan Soltani said.
In February, Path and other app makers found themselves embroiled in controversy when a blogger blew the whistle on apps uploading and storing users' address books from their phones without notifying them. The mobile app maker apologized and changed the way its software accesses user data.
The incident was just one in a series of privacy breaches that underscores how vulnerable mobile device users can be. Requiring app makers to have privacy policies "is at least a way to get developers to start thinking about privacy," Soltani said.