Since I'm an Android developer I'll try to clear up for Thom the misinformation he has. When you want to download an app on an Android phone you are presented with the Permissions required for the app. You have the choice of whether you want that app to have access to certain things. Keep in mind that it is difficult or almost impossible to get things like access to address books, etc. Sometimes these permssions look scarier than they are. For instance I have some apps that allow for a user to get their longitude and latitude via GPS. To use that you have to see up for ACCESS FINE LOCATIONS as a PERMISSION. But this access is only used when the user wants it for the program. GPS can be turned off and on with the phone.
Sounds like the application that fowards emails is something that user who installs it would know what it is doing. Even the iPhone has had malicious apps that have gotten through their "rigourous" testing (probably done by checking OS calls with a computer than by human).
I much prefer Open Source software and besides even with customers asking for a iPhone version I won't develop for it because of two reasons: I don't own a Mac and it would take awhile to pay one off from app sales and number two Steve Jobs insisted on pushing Object C on developers which has little use outside the iPhone. Android apps can be developed for free on any computer including a Mac. I develop on Linux (Android actually runs on top of a layer of embedded Linux). And with so many carriers (now even AT&T) making Android phones available it is quickly dwarfing the iPhone market.
Open Source is the way of a true non-corporate world.