How Could Facebook Siphon Off Call and Text Data?

The news that Facebook's Android app has been collecting call and text histories is yet another black eye for the social media giant. But just why was Facebook able to siphon off records of whom its users were contacting -- and when -- in the first place?

The short answer: Because Google let it. The longer answer: Well, it's complicated.

The social network acknowledged on Sunday that it began uploading call and text logs from phones running Google's Android system in 2015 -- first via its Messenger app and later through an option in Facebook Lite, a stripped-down version of its main app. Facebook added that only users who gave appropriate permission were affected, that it didn't collect the contents of messages or calls, and that users can opt out of the data collection and have the stored logs deleted by changing their app settings.

Facebook did not respond to multiple requests for more specifics. The kerfuffle over this data collection, first reported by the Web site Ars Technica, follows a week of turmoil for the social network involving charges that it allowed political consultants to steal the data of 50 million users in order to influence election.

There's a reason Facebook's actions were restricted to Android phones. Apple locks down app permissions tightly, which offers more privacy protection to iPhone users. "Apple's fundamental approach is to collect the minimum amount of information to keep the service running, and keep customers in control of the information," said Rich Mogull, CEO of the security firm Securosis.

But Android has long been more indulgent.

Until recently, in fact, Google let app developers gain access to a phone's call and text logs. All they needed was an app that required access to user contacts. Once users agreed, Android would then also grant...

Comments are closed.