Facebook denies it collects call and SMS data from phones without permission

March 26, 2018

After an Ars Technica report that Facebook surreptitiously scrapes call and text message data from Android phones and has done so for years, the scandal-burdened company has responded that it only collects that information from users who have given permission.

Facebook’s public statement, posted on its press site, comes a couple of days after it took out full page newspaper ads to apologize for the misuse of data by third-party apps as it copes with fallout from the Cambridge Analytica scandal (follow the story as it develops here). In the ad, founder and chief executive officer Mark Zuckerberg wrote “We have a responsibility to protect your information. If we can’t, we don’t deserve it.”

The company’s response to the Ars Technica story, however, struck a different tone, with Facebook titling the post “Fact Check: Your Call and SMS History.” It said “You may have seen some recent reports that Facebook has been logging people’s call and SMS (text) history without their permission. This is not the case,” before going on to explain that call and text history logging is included with an opt-in feature on Messenger or Facebook Lite for Android that “people have to expressly agree to use” and that they can turn off at any time, which would also delete any call and text data shared with that app.

Ars Technica has already amended its original post with a response to Facebook’s statement, saying it contradicts several of its findings, including the experience of users who shared their data with the publication.

In its statement, Facebook said “Contact importers are fairly common among social apps and services as a way to more easily find the people you want to connect with. This was first introduced in Messenger in 2015, and later offered as an option in Facebook Lite, a lightweight version of Facebook for Android .”

When people first sign up for Messenger or Facebook Lite on Android or log into Messenger on an Android device, they see a screen giving them the option to continuously upload contacts as well as call and text history. Facebook added that on Messenger, users are then given three options: to turn the feature on, “learn more” for more information or “not now” to skip it. On Facebook Lite, they get two options: Turn it on or skip. If users who opted in change their minds later, Facebook said they could turn it off in the app’s settings, with the option of turning off continuous call and text history logging while keeping contact uploading enabled or deleting all contact information they’ve uploaded from that app.”

Facebook emphasized in bold text that it “never sell this data, and this feature does not collect the content of your text messages or calls.”

Even though the opt-in screens do state that granting permission will “continuously upload info” about contacts and call and text history, it is arguable that many users don’t really understand what that means and that instead of saying “this lets friends find each other on Facebook and helps us create a better experience for everyone” (a message sweetened with a saccharine cartoon of a figure texting a little heart), Facebook should really be giving more details about what exactly will be recorded and why.

With the Cambridge Analytica scandal still fresh on everyone’s minds, Facebook’s apparent willingness to place the onus for protecting personal data on users who already feel victimized is unlikely to help them regain any goodwill. But even people who truly understand the implications of the feature and chose to opt-in anyway did so assuming that their data would be guarded as Facebook promised. As the Cambridge Analytica fiasco threw into sharp relief, that hasn’t always been the case.

TechCrunch has the full story

Sponsored Recommendations

A Cyber Shield for Healthcare: Exploring HHS's $1.3 Billion Security Initiative

Unlock the Future of Healthcare Cybersecurity with Erik Decker, Co-Chair of the HHS 405(d) workgroup! Don't miss this opportunity to gain invaluable knowledge from a seasoned ...

Enhancing Remote Radiology: How Zero Trust Access Revolutionizes Healthcare Connectivity

This content details how a cloud-enabled zero trust architecture ensures high performance, compliance, and scalability, overcoming the limitations of traditional VPN solutions...

Spotlight on Artificial Intelligence

Unlock the potential of AI in our latest series. Discover how AI is revolutionizing clinical decision support, improving workflow efficiency, and transforming medical documentation...

Beyond the VPN: Zero Trust Access for a Healthcare Hybrid Work Environment

This whitepaper explores how a cloud-enabled zero trust architecture ensures secure, least privileged access to applications, meeting regulatory requirements and enhancing user...