The Hipster app that turns pictures into postcards swipes users’ address books and passwords and sends them to a third-party server that uses the information without consent, a class action claims in Federal Court.

Lead plaintiff Francisco Espitia sued Hipster for privacy invasion, computer crimes and other charges, on behalf of everyone who has downloaded the app since Jan. 1, 2011.

The app allows users to create postcards from photos they take on mobile phones. The postcards are attached to the locations from which they were sent, to make documenting memories easier. Users are given the option to share the postcards with others through their mobile devices.

But when users download it, the app, “without seeking to obtain consent, and without notice to the user, sought out and retrieved the list of personal contacts on the user’s mobile device. This list of personal contacts was copied and surreptitiously uploaded to Hipster’s third-party servers. In addition to the list of personal contacts of the user, other highly sensitive information such as passwords and geo-locations were also obtained by the Hipster App. All of this information was sent unencrypted over publicly accessible data channels,” according to the 67-page complaint.

The class claims that Hipster’s actions “involved the deliberate and intentional circumvention of technical measures within the mobile computing device in order to bypass the technical and code based barriers, including the plaintiffs’ and class members’ privacy settings which were intended to limit access by anyone other than the owner of the device.”

More: Courthouse News Service

I applaud the effort to require warrants to search email. Even if it’s old email. Kudos to Sen. Pat Leahy. If I had my way significant parts of the Patriot act would have had their sunset and began the trip into history along with Osama Bin Laden. It’s a rare thing for liberties or civil rights to be restored without far more drama than like a bill going through due process. Please contact your representatives and encourage this requirement.

Senate Committee Approves Bill Requiring Warrants for E-Mail

A Senate committee on Thursday unanimously backed sweeping digital privacy protections requiring the government, for the first time, to get a probable-cause warrant to obtain e-mail and other content stored in the cloud.

The measure, sponsored by Sen. Patrick Leahy (D-Vermont), the head of the Senate Judiciary Committee, amends the 1986 Electronic Communications Privacy Act. The amendment would nullify a provision that allows the government to acquire a suspect’s e-mail or other stored content from an internet service provider without showing probable cause that a crime was committed.

The development comes as e-mail privacy is again in the spotlight after FBI investigators uncovered an affair between then-CIA chief David Petraeus and his biographer Paula Broadwell after gaining access to e-mail accounts used by Broadwell.

Currently, the government can obtain e-mail without a warrant as long as the content has been stored on a third-party server for 180 days or more, and only needs to show, often via an administrative subpoena, that it has “reasonable grounds to believe” the information would be useful in an investigation.