dslreports logo
 story category
Facebook Under Fire For Phone, SMS Data Collection

Already struggling to recover from the Cambridge Analytica scandal, Facebook's now under fire for another perceived privacy violation: hoovering up and storing user phone and SMS data. Last week a New Zealand man stated on Twitter downloaded the data Facebook stores about his account, and found the company was collecting and storing two years' worth of phone call metadata from his Android phone, including contact names, contact phone numbers, and the length of each call made or received.

Click for full size
To download your Facebook data, users can go to “Settings” and click "Download a copy of your Facebook data" at the bottom of General Account Settings, and then click “Start My Archive." Embedded in that data is a zip file containing a significant amount of phone and SMS data on Android users.

Ars Technica notes that Facebook uses this data as part of the company's friend recommendation algorithim. They also note that users either agreed to this data collection if they signed up to use Facebook Messenger. But even then, may have agreed to the collection inadvertently thanks to specific Facebook apps and the way Android has handled permissions for accessing call logs in the past:

quote:
If you granted permission to read contacts during Facebook's installation on Android a few versions ago--specifically before Android 4.1 (Jelly Bean)--that permission also granted Facebook access to call and message logs by default. The permission structure was changed in the Android API in version 16. But Android applications could bypass this change if they were written to earlier versions of the API, so Facebook API could continue to gain access to call and SMS data by specifying an earlier Android SDK version. Google deprecated version 4.0 of the Android API in October 2017--the point at which the latest call metadata in Facebook users' data was found. Apple iOS has never allowed silent access to call data.
In response to the story over the weekend, Facebook published this blog post attempting to downplay this latest privacy intrusion:
quote:
Call and text history logging is part of an opt-in feature for people using Messenger or Facebook Lite on Android. This helps you find and stay connected with the people you care about, and provide you with a better experience across Facebook. People have to expressly agree to use this feature. If, at any time, they no longer wish to use this feature they can turn it off in settings, or here for Facebook Lite users, and all previously shared call and text history shared via that app is deleted. While we receive certain permissions from Android, uploading this information has always been opt-in only.
That contradicts the experiences of numerous users, who state that Facebook never explicitly notified them about this data collection, nor clearly stated publicly this data was being collected. Again, Facebook's just one of a countless number of companies taking full advantage of the lack of any real privacy oversight whether we're talking about a social media company or your ISP. As you'll recall, Facebook worked with ISPs like Comcast in scuttling privacy protections in California last year by lying to lawmakers about what the proposal actually did.


Most recommended from 56 comments


fredbisard
join:2018-02-15
united state

3 recommendations

fredbisard

Member

deleted!

had an account for maybe 2-3 months just to see how really stupid and invasive facebook was. wasn't surprised one bit.

deleted it a few days ago. nothing to miss there except the lack of security!! oh, and the stupidity!!