twitter-privacy-scan-contactsDavid Sarno(@dsarno), technology and business writer at the Los Angeles Times broke the story yesterday that Twitter retains your iPhone contact list for 18 months after you scan your contacts to see who may also be using Twitter.

Twitter Inc. has acknowledged that after mobile users tap the “Find friends” feature on its smartphone app, the company downloads users’ entire address book, including names, email addresses and phone numbers, and keeps the data on its servers for 18 months. The company also said it plans to update its apps to clarify that user contacts are being transmitted and stored.

Twitter’s privacy policy, per Sarno, does not explicitly disclose that Twitter downloads and stores user address books.

It does say that Twitter users “may customize your account with information such as a cellphone number for the delivery of SMS messages or your address book so that we can help you find Twitter users you know.”

How’s this work in action? As with many social networking sites and apps, Twitter allows you to look for friends who are also registered users.

With Twitter, you’ll see a screen noting that the service will “Scan your Contacts for people you already know on Twitter.”

Twitter retains contacts

Twitter does not intend to limit its current practice of scanning and retaining. When asked about the process, Twitter spokeswoman Carolyn Penner (@cpen) told Sarno Twitter is planning an update to the language they use in the mobile app.

“We want to be clear and transparent in our communications with users,” Penner wrote in an email. “Along those lines, in our next app updates, which are coming soon, we are updating the language associated with Find Friends — to be more explicit. In place of ‘Scan your contacts,’ we will use “Upload your contacts” and “Import your contacts” (in Twitter for iPhone and Twitter for Android, respectively).

Penner also noted that Twitter users can have the service remove their contact databases using the “remove” link on this Twitter webpage.

There’s a dilemma here for attorneys that doesn’t present itself for everyone. An attorney cannot disclose their clients or breach confidential information. Information scanned by Twitter like this may cause a problem on both fronts.

A similar issue confronted attorneys with the advent of LinkedIn. The rest of the world may want to freely share who their connections are. For an attorney, sharing the names of connections who may be clients presents an ethical issue.

The key for attorneys is to remain aware and to act in a fashion that does not breach confidences or disclose who your clients are.

That’s much easier said than done in this day when social networking sites like Facebook can change their privacy rules and app settings every few minutes.