Is Palm watching you? If you bought one of its snazzy new Palm Pre phones, the answer is apparently yes -- and not just sometimes, either. According to Palm Pre hacker Joey Hess, the Pre's WebOS constantly logs usage data, including which applications you use, when, and for how long; it catalogs every app you have installed on your phone; it tracks the system state following application crashes; and it even tracks your location, obtained via GPS. All of these logs are sent back to Palm on a daily basis.

Could anyone even feign surprise that Palm Pre customers would be disturbed by this? It's one thing to agree to disclose certain personal information when you sign up for a service, but quite another to be made to disclose information all the time, every day, everywhere you go. To any rational person, that's the difference between a friend and a stalker.

[ See how the Palm Pre stacks up against the iPhone in InfoWorld's deathmatch. | Get the full scoop on next-gen mobile devices in InfoWorld's Mobile 2.0 Deep Dive PDF report. | Read our hands-on evaluation of the Palm Mojo SDK for Pre. ]

But there's no reason to single out Palm. As computing moves away from the desktop software paradigm toward Web-based services and cloud computing, a growing number of software vendors must confront similar issues. If Google's Chrome OS vision comes to pass and the bulk of computing moves from the desktop to the Web, virtually every application will become another opportunity to collect usage patterns, location, and other personally identifying user data. It's time software developers and vendors took an active role in addressing consumer concerns about data collection and privacy -- because if we don't, someone else might step in to do it for us.

Privacy policies aren't enough
Are there legitimate uses for the data Palm collects? Sure. Palm could use it to "customize your experience; troubleshoot and provide updates; ... resolve disputes; collect fees owed; detect and protect against error, fraud and criminal activity; comply with applicable law, regulations, legal processes or enforceable governmental requests," just like its privacy policy suggests.