When I tried to login to HN, I was offered to login using OpenID, via some site called ClickPass, and when I tried to login using my Google account's OpenID, there was a warning, all what ClickPass wanted was to access my contacts, rather than just granting a login access.
Here's the prompt:<p>The site www.clickpass.com is requesting access to your Google Account for the product(s) listed below.
Google Contacts - http://www.google.com/m8/feeds<p>Any info?
Hi guys. The answer is no, definitely not. When we first built Clickpass there was no google authentication Ali, you could only authenticate as part of getting authorisation for a particular google service. Contacts seemed the most relevant so that's what we went with. Code dev has been frozen on the system since the acquisition so we've just left it te same way. We don't store or even access the contact data though.
I couldn't find anything on the Clickpass (YCS07) website about the actual data accessed. Not mentioned on the privacy policy neither[1]. We should ask Clickpass or PG (he implemented it on HN).<p>[1] <a href="http://www.clickpass.com/docs/privacy-policy#pp1" rel="nofollow">http://www.clickpass.com/docs/privacy-policy#pp1</a>