Facebook recently made headlines because of a private data controversy involving UK consulting firm Cambridge Analytica. While that scandal continues to emerge, Facebook is facing another privacy issue concerning Android users’ call logs and text data being collected for years.
How Facebook’s data-collecting activities were discovered
Software developer Dylan McKay realized Facebook had been collecting his call records and SMS metadata when he downloaded his Facebook account data from his Android device (to do this, go to General > Settings). When he tweeted about it, several users responded that the same thing happened to them, while others revealed that only call histories with close contacts such as parents, partners, and other family members were collected.
Facebook has already clarified that they did not collect anything without users’ previous knowledge, and that granting access to call logs and SMS data is an opt-in feature that users of Messenger or Facebook Lite on Android agree to use when they installed the app.
According to Facebook, requests for access to one’s contacts, phone calls, and SMS history is a widely used practice that helps apps distinguish between personal and professional contacts to improve the way it recommends friends and contacts.
They also noted that in new versions of Messenger or Facebook Lite on Android, users can see more clearly which permissions they’re granting to apps, specifically where apps ask for access to their call and SMS data.
Despite this, users who granted permission before they updated to Android Jelly Bean (version 4.1) are still supplying their contacts data to Facebook. But from the “Marshmallow” version onwards, users are asked separate permissions to access their call and message logs. With Android’s new permission structure, users who download the app will be asked to grant two separate permissions: for their call history data and their message data.
Is there anything you need to do?
While there are users who are aware that Facebook has access to their contacts data, millions of others are still unwittingly granting access to their data -- either because their device is running on an old version of Android, or because they’re simply unaware of what type of information they allowed access to when they initially downloaded and installed the app.
Since a vast majority of iOS apps are not allowed to access call history and SMS data, iOS device users were unaffected. Android users, on the other hand, have an option to delete contact data from their profiles. But it’s unclear whether previously collected data can be completely purged even after deleting Facebook contacts on their device.
For businesses that have employees using Android devices, managing data privacy settings can be tedious. Lucky for you, we have certified experts who can deal with all your mobile device data management needs. Call us if you need help securing your devices.