The popular Path app was caught uploading and permanently storing people’s entire address books on Path’s servers. People were upset, but what’s scarier is the bigger issue: apparently, this is a very common practice among popular apps.
Google+: View post on Google+
Common practice? I certainly hope not. In fact, I think application should need apps to prompt for access to any device data — location, address book, network etc. From an information security standpoint, this makes sense. What do you think?