Controversy over Japanese app that published up to 760,000 personal addresses
- — 10 October, 2012 10:58
An online debate has broken out over a Japanese mobile app that may have published as many as 760,000 address book records from its users in a publicly searchable database.
The mobile app, called "Zenkoku Denwacho," or "Nationwide Telephone Directory," was a free piece of software for Android phones that says it provides a database of Japanese phone numbers, names and some location information for private individuals and businesses. One "feature" of the app, which has been removed from the Google Play online store, was that it accessed the address books of users, including GPS data, then added that information to its public records.
On Tuesday, Japanese security firm NetAgent posted a blog entry calling the software "malicious" and saying it stole the information from users. But on download pages that were still online Wednesday, the app's description states that it is creating a national database and will "use" information from users' address books and GPS readings, adding them to its existing database of 38 million records taken from other online databases.
NetAgent said the app, which has been live since September, had been downloaded about 3,400 times and that as many as 760,000 address book records had been uploaded, without revealing how it reached those numbers.
Japanese media reported that police were investigating, though it was unclear if any crime had been committed. A police spokesman declined to comment on Wednesday.
In blogs and Twitter entries, an online debate ensued about the app and its similarity to other popular services in Japan, such as Line, a social network that also uploads user address books.
"It is impossible for me to totally protect against my data being uploaded to a Line server by one of my acquaintances," wrote one blogger in an entry about the incident, on a Japanese blog called "I Believe in Technology."
Comments on pages that linked to the app's former location on the Google Play store also noted the possibility of abuse, as it required access to address records as a prerequisite for installation.
"This might be dangerous?" wrote one reviewer.