A little while back, I wrote about my concerns with the Facebook Messenger app, and the Permissions it needed demanded to function. It was these Permissions that saw me uninstall Messenger and ultimately close down my Facebook profile.

I’ve since activated a very stripped down Facebook profile, where I share a lot less than before and have it locked down to a very small number of family and friends – a very different experience from my “pretty much share everything” use on the deleted account.

Since I commute a lot, I installed the full Facebook for Android app. Usually, I have my apps to manually update, but because I had been testing the beta version of the new Android app before switching back to the “official” one, I’d neglected to change my app update settings.

This let Facebook download the latest update yesterday. And, originally, I was impressed – the new UI was slick and the experience far superior. So impressed, I shared a couple of screen grabs of the new interface.

Facebook for Android profile Facebook for Android newsfeed

As you can see, it’s a clean, easy-to-navigate experience. Finally, Android users had the app they deserved, right? Not quite.

The Devil Gives Better Choices than Facebook

You’ve probably heard the term “making a pact with the Devil”. Essentially, it allows you to have anything you want, in exchange for your soul being the property of the Devil when you die.

Facebook’s new Permissions kinda reminded me of this, given that they’re forcing you to give up any semblance of privacy you may have thought you still had left.

When I shared the pictures on Google+, Al Spaulding made me immediately regret the fact I was on auto-update. From his comment on the post:

It looks great. However I refuse to download it and am still using the older version from 2 mth ago. Why? Because the new one says pretty clearly that they can access your phone for anything. They can read your texts – take them off your phone and upload them to their server, place phone calls on your behalf, and even disclose your location without you wanting them to.

While I’m used to Facebook’s Draconian privacy settings, the part about accessing my SMS and MMS messages caught my attention. I don’t recall this being as explicit before (although it may have been), so I uninstalled the app and set about re-installing to check the Permissions out fully.

The results were a mix of scary and extreme.

Facebook SMS

Facebook contactsFacebook calendar Facebook call numbersThe Calendar I’d seen on previous Permissions, and the Calls (while annoying) I’m pretty sure had been there too. But check out the exact wording of the SMS/MMS Permission, and that of the Contacts one.

Doesn’t that alarm you as a user? Read that wording again, especially this statement:

This allows the app to read all SMS messages, regardless of content or confidentiality.

Wow. Just… wow. Not even my wife gets access to my SMS messages (and no, Jacki, I have nothing to hide!). What honest and useful reason can Facebook have to get access to my texts? Seemingly they’re running with the “It will help us target better” message.

I call bullshit.

Target Publicly and Respect Privacy

I’m a marketer. I get that data helps us target campaigns better, and (in an ideal world) meet the needs of our customers and audience by that very targeting. Yet as I say time and time again, this has to be opt-in, and publicly available data.

The moment you track data beyond public access, you’re moving into both immoral and – you’d like to believe – questionably legal areas.

Facebook requiring access to my SMS messages, as well as the friends I speak with privately on the phone, sets off major alarm bells, and this from someone that benefits from the amount of data publicly available.

I’m not naive enough to think anything we put on the web is private. And, since the NSA-Snowden affair, I’m even less naive to think that we don’t face the prospect of being snooped on by our respective security forces.

But it could be argued it’s in the interests of public safety for this level of monitoring (though some of the arguments are very tenuous). Facebook doesn’t protect us, nor does it seem to have our interests at heart. All it wants are numbers, pure and simple, and the data that comes with these numbers to sell to the highest bidder.

These Permissions for their Android app merely confirm that, and is why my use of Facebook will now be restricted to the web version.

Your privacy, and how you place it in the Facebook ecosystem, is something Facebook is counting on you to ignore. The choice is yours.

Sign up for free weekly content

Enter your first name and email below to get my free weekly newsletter with the latest posts, recommended reading, content tips and more.

(I respect your privacy and will never spam you)

Blog consulting with Danny Brown

Comment Policy: Your words are your own, so be nice and helpful if you can. Let’s treat the guests (and that includes you) nicely. Otherwise, you will be moderated and deleted where I feel it’s applicable. Please, only use your real name and limit the amount of links submitted in your comment. Apart from that - have at it!

    Share Your Thoughts

    Your email address will not be published. Required fields are marked *

  1. says

    People Mock Blackberry OS X OS all they want, but it is still the only OS I think that can allow a user to pick/choose which permissions they allow at a very fine grain level, it isn’t like Android where you have to accept all or you can’t install app, you can selectively disable some or all of the permissions the app is requesting and they have to code their app to assume and work in any of those possible selections.  Even iOS gives you more granular control being able to block access to applications to certain things at a more fine grain level even after app is installed than Android, and this is one of the weakest links with Android is the “all permissions” or none, with no fine grain control for users.  
    Application owners as a result add as much as they think they can, without designing around bare minimum permissions when designing on Android.   The real question is and I wasn’t a user of messenger, but if that application and others like it had SMS access before, and FB functionality is now crossing over to allow communications via Text to go out on multiple streams, the access is needed for functionality.

    At some point, people have to realize a phone which is on a data carrier is not an ideal source for privacy or data protection, even if it isn’t the apps, the ISP’s, Providers and Google has access to more than you realize.  There is no privacy on any device that can connect to the Internet.

  2. DiaperDads says

    hoppyfather I don’t use a twitter app on my phone, so I’m not sure what permissions it asks for. But, it wouldn’t surprise me.

  3. says

    Well, I always figured everything we put online is accessible to someone somewhere; but yes, maybe we need to be more concerned about this. I think we are too far down the rabbit hole at this point to back out however.

  4. says

    JamieCrager  Yeah, I was only made aware of it because of Al’s comment on G+, mate. Shows how easy it is to sneak these things by if you’re not always switched onto the update status.

  5. says

    cr8tivejen  I know, right? The last time I wrote about Facebook (the Messenger post linked to in this article), a Facebook engineer came on to advise why the Permissions were the way they were. Fair enough – but there’s no way in heck I can think of one solid reason why you a social network needs access to my private SMS messages.

  6. says

    Justin Germino  Hey there Justin, great to see you here mate, hope you’re well.
    To be honest, this is the first time that I’ve seen such specific language around SMS – much more heinous, for want of a better word, than the Messenger Permissions. I also don’t buy Facebook’s alleged reasoning for it, to help connect us better. My SMS is separate from my Facebook is separate from my email; they’re that way for a reason (different people/connections, different usage).
    They also said it was for two-step log-in functionality, and i call BS on that. I have two-step on both Google and Twitter, and I input a code sent to my phone. They don’t need to see the text so they can automatically log me in.
    No, I feel this is another example of Facebook being the data miners they are, and users be damned.

  7. dakinshaun says

    You know that the Teleco companies have all your communications.  Everything.    Internet, email, SMS, search, everything.   And the Govt / NSA can get to all of it as well.

    In the case of Facebook the trade off has been, from their inception, give us your personal information and we will build an amazing social network that you don’t have to actually pay cash $$ for.

    If you really care about privacy read this article by Julia Angwin on how it cost her over $2,000 (and she is a Wall Street Journal reporter) to really attempt to protect her privacy.

    http://juliaangwin.com/new-york-times-op-ed-has-privacy-become-a-luxury-good/

    Shaun Dakin
    Founder
    PrivacyCamp

  8. Sidd29 says

    Although i would like my privacy, it went out of the park when we started using smartphones for everything. we are ourselves to blame for wanting everything on the go on one device to make our life simpler. And its not that only Facebook does this data mining thing, every website does it, its just that Facebook has been targeted way more than others. As long as the advertisers don’t bother me (which i am lucky to not have come across) i am good. This thing is like a necessary evil. And regarding these permissions, it hasn’t posted, replied, called etc. without my authorization.
    If we can take any positives from this is that now Facebook has made a full disclosure about invading privacy, unlike others. And anyone who believes that there is privacy on the internet is living in an utopia. This is something which we can’t save ourselves from, today its this site/app tomorrow it will be another, this will go on for the rest of the eternity.

    And by the way, when did your Facebook got updated to the above screenshot, cause mine is still on the older version?

  9. cahwyguy says

    I found this, naturally, by someone sharing it on Facebook. I’m very selective about which apps I install. When I saw the permissions the Facebook app was requesting, I decided I didn’t need the app. If I need to use Facebook on my phone, I’ll go to their website — where they have much less control. I’ve given up my phone’s privacy to Google, and that’s enough!

  10. says

    Justin Germino I had a chat with my friend AMVandenHurk over on Facebook (ironically enough), and she hadn’t seen this on the iOS settings. I know Facebook had been wanting to improve the Android experience for a while, so perhaps the new update went there first? Hopefully Apple will instigate more controlled requests for private data.

  11. says

    cahwyguy  It’s sad – the majority of the web is switching to mobile, and that opens us up to more invasions of our privacy, because – as Facebook shows – we only have two choices, accept or miss out.

  12. says

    Sidd29  As mentioned in other comments (and in the article itself), I don’t think anyone is naive enough to think our data is private on the web. And, perhaps, our need for always-on access to the web via smartphone has opened the dam on privacy.
    That being said, there are some aspects of our smartphone use that no company has the rights to access (with, perhaps, law enforcement agencies being the exception). For a social network to want access to this information, that’s a step into a whole new gamut of invasiveness and intrusion, and should be pushed back against.
    The update went through on my Android last night, perhaps it’s going through a rolling release?

  13. says

    dakinshaun Hi Shaun,
    Oh, for sure, and as someone who has worked in the U.K. telco industry when we first brought mobile data to the market back in 1999, as well as consulting with RIM and some other devs on data access tech, I completely get the fact that our service provides have more access to us than we’d like to believe. 
    But that’s telcos, and the very companies that provide the services that Facebook wants access to. And, yes, the trade-off has been access to our data. But that’s always been the data on Facebook itself – our friends, our Likes, our brand loyalties, our hobbies, our buyer preferences. That trade-of has not been at the expense of private SMS access. Email contacts? Sure, that’s a begrudged part of connecting with friends on these networks.
    The SMS access is a step up in data access, and should be pushed back against wherever possible.

  14. Sidd29 says

    Danny Brown i totally agree with you on the limit of invasion and that’s why i have disabled the auto-update feature on my phone, i like to read the changes in the permissions before updating it and if i feel anything suspicious i do not update it or uninstall that app. But i do feel that we are fighting a lost cause wherein we might be able to lower our damages but we wont win, ever. cause in this fast-paced environment we need them more than they need us. its the classic case of caveat emptor

  15. says

    Sidd29 Perhaps, mate. But do we need them more than they need us? After all, they’re nothing without data. We (humans) on the other hand are pretty resourceful. It’s why we ca still function when there are power failures, while data centres scramble to go into auto-recovery mode.
    The likes of Facebook may feel they have the power, but https://www.priv.gc.ca/media/nr-c/2009/nr-c_090827_e.asp, poke too far into people’s private space, and those with the balls to push back will do (and lead to country-wide surrenders by Facebook itself).

  16. lucidcircus says

    What about iPhone?  Does the OS not permit such abuses?  Or should I expect it in the next update?

  17. baywebbubbles says

    janebinnion DannyBrown I tweeted about this ages ago. Uninstalled from phone. Use the browser instead. Took screenshots of permissions :-(

  18. DaisyMayCreatns says

    baywebbubbles janebinnion i’ve just got my 1st android phone. Previously BB. All the app permisions r scary. Nothing is private:(

  19. baywebbubbles says

    DaisyMayCreatns janebinnion At least you get told so you have the option not to use. Some are scarier than others

  20. baywebbubbles says

    DaisyMayCreatns janebinnion My latest peeve is the photo tagging in Twitter – should be opt-in not opt-out. Grrr.

  21. DaisyMayCreatns says

    baywebbubbles janebinnion I only came across that yesterday. Still working out the rest of phone n how to stop all the auto stuff lol

  22. janebinnion says

    baywebbubbles indeed, perfect for spammers I thought #twitter #phototagging DaisyMayCreatns 😮

  23. baywebbubbles says

    DaisyMayCreatns Bit of a learning curve but I’m sure you’ll be happy with it once you’re used to it.

  24. DaisyMayCreatns says

    janebinnion baywebbubbles I’ve been trying to delete the automatically installed apps but struggling :(

  25. janebinnion says

    baywebbubbles DannyBrown I think for me this is on top of the failing viability of pages, they seem to be losing attachment to customers!

  26. baywebbubbles says

    janebinnion DannyBrown They have shareholders to please now. Need to make money but are doing it the wrong way :-(

  27. baywebbubbles says

    DaisyMayCreatns janebinnion All manufacturers install their own apps – why I get direct from Google #nexus Can only uninstall if you root

  28. KnightTCreation says

    baywebbubbles janebinnion DannyBrown Yeah – they keep asking me to update my android app, but I took one look at the terms and said nah.

  29. baywebbubbles says

    KnightTCreation janebinnion DannyBrown I use the browser now. Just means I don’t get auto notifications.

  30. janebinnion says

    baywebbubbles exactly, #howtopissoffyourfans! Big brands may sty of course, but it doesn’t work for smaller orgs at the moment DannyBrown

  31. says

    lucidcircus  I was speaking to a friend last night about the iPhone version, and it seems it’s just Android at the minute. Zuckerberg has gone on record as saying the Android app was poor, and forced his engineers to use it to see how bad it was. This update is the result of the major changes, so it may yet make its way to iOS.

  32. DannyBrown says

    baywebbubbles Likewise. I’m not giving anything to Facebook that’s forced on us by mobile use. KnightTCreation janebinnion

  33. baywebbubbles says

    DannyBrown Trouble is, Facebook won’t learn and there’s plenty of people who won’t notice or worry KnightTCreation janebinnion

  34. janebinnion says

    baywebbubbles DannyBrown KnightTCreation my concern is those who don’t notice, most people don’t read T&Cs that’s why I shared the post

  35. janebinnion says

    baywebbubbles exactly, it really isn’t an essential app, now Twitter is a different thing ;)) KnightTCreation DannyBrown

  36. nlakeland says

    DannyBrown I turned the auto-update off for that app as soon as I read your piece. Agree is scary what you can find yourself agreeing to.

  37. fundraisinisfun says

    miriamschwab As scary as it is, is the assumption FB would actually use my private SMS to market to me? I don’t think they would. #Naive

  38. miriamschwab says

    fundraisinisfun they shouldn’t be accessing it at all, and they say “regardless of confidentiality”! Chutzpah!

  39. fundraisinisfun says

    miriamschwab Agreed! But trying to get in FB heads & why they’d do this. Also, they can get away w/ it. Most ppl ignore permissions.

  40. DannyBrown says

    fundraisinisfun My take is, they access the SMS data to connect dots to your friends on Facebook and your joint interests miriamschwab

  41. DannyBrown says

    fundraisinisfun Additionally, by reading private data, they understand content to identify potential for behavioural ads miriamschwab

  42. fundraisinisfun says

    DannyBrown Which means better targeted ads. Creepy. But guessing most ppl won’t care. Everything is public so why not SMS? miriamschwab

  43. fundraisinisfun says

    DannyBrown Guess that now they’re publicly traded, they have to find ways to increase revenue. It sucks but… #ItSucks miriamschwab

  44. DannyBrown says

    fundraisinisfun Because of exactly that – we *expect* public info to be monitored. We do *not* expect private comms to be. miriamschwab

  45. miriamschwab says

    fundraisinisfun because everything is NOT public! Zuck tried to use that argument during fb privacy uproar, wasn’t accepted DannyBrown

  46. fundraisinisfun says

    DannyBrown I’m wondering if young ppl think that as well or having grown up this way, they assume everything is public. miriamschwab

  47. fundraisinisfun says

    miriamschwab I agree! But at the end of the day, until there’s major blowback for this one, FB gets its way. And it sucks. DannyBrown

  48. miriamschwab says

    fundraisinisfun many users, incl young ones, are unaware of these issues. Doesn’t mean that should be taken advantage of! DannyBrown

  49. miriamschwab says

    fundraisinisfun hopefully DannyBrown post on the subject will start to spread awareness and lead to some kind of protest

  50. fundraisinisfun says

    DannyBrown I’ve seen those studies but seen others that contradict it. Remember: FB’s ceiling is nowhere in sight. miriamschwab

  51. DannyBrown says

    miriamschwab Thanks, Miriam. While it’s just one post, have seen a LOT of ppl discussing on Facebook and deleting app. fundraisinisfun

  52. fundraisinisfun says

    miriamschwab Agreed BUT ask young ppl if they care that FB has access to their SMS. Willing to bet plenty wouldn’t. DannyBrown

  53. fundraisinisfun says

    DannyBrown And I was about to update. Not happening. (BTW- how many other apps have those same permissions?) miriamschwab

  54. DannyBrown says

    fundraisinisfun There will always be counter studies. While ceiling may be far off, Snowden makes privacy an issue for them. miriamschwab

  55. miriamschwab says

    fundraisinisfun yes, ask users! Facebook is not asking, but dictating! Even if only 1 user says no, everyone must be asked! DannyBrown

  56. DannyBrown says

    fundraisinisfun So far, from the ones i’ve checked on my phone, none to that degree. Doing a study over next few days. miriamschwab

  57. fundraisinisfun says

    DannyBrown But how seriously do they take it? There’s a LOT of crap posted out there (especially about their employers). miriamschwab

  58. fundraisinisfun says

    DannyBrown I will be VERY interested to see results of that study. I admit I don’t look at permissions often enough. miriamschwab

  59. DannyBrown says

    fundraisinisfun It’s like anything – the seriousness will come when they feel affected. That’s why FB continues to ignore. miriamschwab

  60. danielcohen82 says

    fundraisinisfun DannyBrown miriamschwab FB already have our SMS details – they paid $19bn for them #WhatsApp

  61. miriamschwab says

    fundraisinisfun no reason to wait for perfect world to demand our right to reasonable privacy DannyBrown

  62. fundraisinisfun says

    miriamschwab BTW- all ur arguments are correct & solid. I just think ppl r lax about permissions/privacy. FB took advantage. DannyBrown

  63. DannyBrown says

    danielcohen82 They would have to change their legal ToS and privacy to adapt that data into their platform. fundraisinisfun miriamschwab

  64. DannyBrown says

    fundraisinisfun Ha, indeed – that’s the only way folks like that ever take notice, sadly. miriamschwab

  65. miriamschwab says

    fundraisinisfun that is exactly my point. Facebook is taking advantage of ignorance, lack of awareness on a serious issue DannyBrown

  66. fundraisinisfun says

    miriamschwab Yup- & laughing to the bank. B/c in the end, you didn’t leave the service altogether. You stayed- just on web. DannyBrown

  67. danielcohen82 says

    DannyBrown fundraisinisfun miriamschwab Right. Might not happen in near future but see LinkedIn/Slideshare recent changes

  68. DannyBrown says

    fundraisinisfun True. Yet mobile revenue is where the money is. If enough users stay off their app, who knows? :) miriamschwab

  69. fundraisinisfun says

    DannyBrown Which I think explains many FB moves. They have to keep stock price hi. Explains low organic Page reach as well. miriamschwab

  70. DannyBrown says

    danielcohen82 I think the difference is they’re “professional” networks. WhatsApp strength is user privacy fundraisinisfun miriamschwab

  71. DannyBrown says

    danielcohen82 I could be wrong, but judging on how users are watching what FB does, there would be backlash fundraisinisfun miriamschwab

  72. DannyBrown says

    fundraisinisfun Agreed. Which is why they should be offering monthly fee for SMBs to promote as opposed to current approach. miriamschwab

  73. fundraisinisfun says

    DannyBrown BTW- why not also complain to Google to give users the right to decide which permissions to allow and which not? miriamschwab

  74. DannyBrown says

    fundraisinisfun Give biz real visibility, charge fair fee for it, customers see content, FB makes money. Everyone wins. miriamschwab

  75. danielcohen82 says

    DannyBrown fundraisinisfun miriamschwab Everyone watches what FB are doing bc it’s the biggest and ppl are waiting for it to collapse

  76. fundraisinisfun says

    DannyBrown FB makes less b/c only those with a budget to pay fair fee will advertise. The rest will leave IMO. miriamschwab

  77. miriamschwab says

    fundraisinisfun we all have modified our privacy expectations to some degree. But there are red lines. For now I’m still on fb DannyBrown

  78. DannyBrown says

    fundraisinisfun Even Google isn’t as Draconian as Facebook, but yes, they’re also guilty of poor Permissions. miriamschwab

  79. chriscct7 says

    I use FB on Android but refuse to update it for this reason. The reason they ask for text messages, as far as I understand it is so that FB becomes the place you go to to read all your FB messages, text messages, etc. Like a hub almost. This keeps you in FB longer and more often and thus more dependent on them.

  80. DannyBrown says

    fundraisinisfun It’s a key reason I’m moving away from Google usage (search, phone, etc.). Minimizing access where possible. miriamschwab

  81. fundraisinisfun says

    DannyBrown Where you moving to? For search, for example? Does that also mean only using iOS? miriamschwab

  82. says

    chriscct7  I saw their reasoning for the SMS access, and I don’t buy it. Yes, you go there to read FB messages and perhaps use their Messenger app. But that’s internal to the FB ecosystem. SMS messaging is a different beast altogether, and for (mostly) different contacts and conversations. 
    The Hub can survive with public updates and private messages without the need to access and read our SMS.

  83. DannyBrown says

    fundraisinisfun Using duckduckgo for search; may switch to Windows phone (don’t laugh!). iOS second option. miriamschwab

  84. fundraisinisfun says

    DannyBrown a) never heard of duckduckgo. interesting b) not laughing. I just wonder if they won’t follow suit. miriamschwab

  85. chriscct7 says

    Danny Brown chriscct7  Not really. Imagine a system where you have all of your discussions with a person from SMS, FB chat, gHangouts, Twitter, etc in one place. That’s what FB is aiming for. Key to this is slowly changing the average user from sending SMS from the phone, and instead doing it inside FB. That’s what they are aiming for.

  86. says

    chriscct7 You can pretty much do that now with various apps. The difference is, they’re still independent and usage of the SMS feature is simply to send and receive, not give Read Access to them. This is the key differentiator.

  87. miriamschwab says

    DannyBrown I can’t imagine moving away from Google. I get so much value from them: Google Apps, calendar, analytics, etc fundraisinisfun

  88. DannyBrown says

    miriamschwab Oh, for sure – I’m just not a fan of how they’re looking to force you into using all apps so others work fundraisinisfun

  89. miriamschwab says

    DannyBrown and speaking of Google dependency, just got my new phone: Nexus 5! I’m totally tied to them now :) fundraisinisfun

  90. DannyBrown says

    fundraisinisfun As far as I know, just Android for now. Zuckerberg was critial of existing app, wanted major improvement. miriamschwab

  91. chriscct7 says

    Danny Brown chriscct7  Right I understand that. The point of this comment was to explain why they ask for it, something that is missing in the article in question. Sure, there’s a billion apps and online services that do this already. The difference is now Facebook wants to do that as well and thats why they are asking for it. I’m not saying what they are doing is good or bad, right or wrong, the best or the worst way, what I am simply doing is pointing out why they are doing what they are doing.

  92. DannyBrown says

    fundraisinisfun Time to go feed kids and settle into Saturday evening. Awesome discussion guys, thx – have a great weekend! miriamschwab

  93. miriamschwab says

    DannyBrown thanks for raising awareness for this issue. Have fun with the kids! fundraisinisfun

  94. kimparsell says

    sarahpressler I’d love to delete my FB account, but it’s the only place I can keep up with family.

  95. says

    chriscct7 Facebook has already proven it can keep texts and Facebook separate, as highlighted by the option to use Messenger with just a phone number and name (in certain regions, not worldwide).
    By making specific requests to read your SMS from the main Facebook App, as opposed to the separate Messenger one, it’s a step in a very questionable direction.

  96. Debiz says

    Thank you for this post. I hope it’s not too late, but as of now my facebook app is now deleted!!! I’ll access facebook from chrome as of now……

  97. chriscct7 says

    Danny Brown chriscct7  right. I agree they can keep them separate, I think they do n’t want to. I think Facebook wants to move forward with 1 Facebook app, then they’ll deprecate messenger (which hasn’t gotten the critical traction it needs on the 12-21 age group) and have users do SMS, messaging and more in the original Facebook app. When I look at Facebook OS, I see them trying to control the entire experience. I think thats what they want. They want to control the SMS experience. Having them do it in FB means more time in FB and more desperately needed mobile ad revanue.

  98. chriscct7 says

    Danny Brown chriscct7  I think thats what this is ultimately about. Its a desperate try to regain mobile messaging users which has been dropping considerably over the last year, by refocusing their efforts on controlling the experience. While FB OS didn’t work out that great, they’re going with attempt #2 with this slow move to dominate the mobile Android experience. The more control they get, the easier it will be to coerce users into letting FB control it all.

  99. says

    chriscct7 Agree, and their wording shows this. The question is whether there will be pushback on it. Too many people definitely ignore reading the changelogs, and that’s what Facebook (and others like them) rely on. However, it’s beginning to gain traction for people to be more concerned about privacy, especially as these types of terms get highlighted (while I know this post is but one in the grand scheme of things, it’s generated a healthy discussion on Facebook with a large majority deleting the app).
    At the end of the day, like anything Facebook does it’ll probably succeed because of user apathy – it’s the users that need to push back and refuse this kind of access.

  100. chriscct7 says

    Danny Brown chriscct7  Yeah agreed. The one good news is if you click update all apps on Android, if theres been a change in permissions it won’t autoupdate that app. I think consumers are becoming more cognoscent of the permissions system, but the problem is that’s mostly older age users being more aware of it, and learning how it works and what it does. Whats concerning to me is the lack of care for privacy in the current 14-21 age spectrum. This age of kids are the ones who experienced tech when it was ripe. They came after privacy was an expectation, and instead when privacy is now an option, often not default. I think moving forward the lack of care from this age group will lead to consolidation in the data warehousing industry and we’ll see the emergence of 2-4 large data warehouses that will be one stop shops for things like colleges. If the kids don’t care about privacy, for a college, admissions will become as simple as pulling up every life detail, personal information, and otherwise. I think it will lead to law changes, some negative, but some positive (like no discrimination based on genetics). But its a scary future unless someone can convince the youth of America that privacy is something that should be cherished and not handed over on a silver platter. That’s what FB is trying to exploit atm, and based on what I’ve seen, this first round of water testing is not looking very good for the existence of privacy long term.

  101. says

    VickiM  Depending on Android settings go to Settings > Manage Apps > Facebook > Uninstall. That’s the standard deletion, but phone manufacturers may have different ways to approach (though end result is the same).

  102. PeterShankman says

    Danny Brown chriscct7  Danny – Think they’re doing it to compete with Google Hangouts? Google Hangouts lets me send SMS/Texts/G chats from one app – Think they want the same thing?

  103. says

    PeterShankman It’d make sense – though even the G+ app doesn’t have the same crappy Permissions, given that the connection just needs to be made to send and receive, without the need to read. This battle between the networks is, sadly, turning what was once a great collection of networks into a playing field for the gullible and quick-to-scan.  chriscct7

  104. ladyashen says

    Have you checked the Twitter and LinkedIn updates? They’re trying to reduce the privacy-factor too. I’ve refused to update Facebook, Twitter and LinkedIn for this reason.

  105. says

    ladyashen  I had a look at their app Permissions last night, following the debate around the Facebook one. They’re definitely leaving little privacy for us, although – for now – none of them come close to the Faecbook for Android app Permissions. The closest is Twitter, who requires Receive Access (but that’s still not quite as bad as the Read approach Facebook is taking).
    I can’t help but notice the irony that as more of us take to mobile for social web browsing, the privacy screws are loosened. Hey ho.

  106. niels_k says

    maguay Android lets you set those permissions and you can tell an app not to use all of those permissions. And this app runs in a

  107. maguay says

    niels_k Does it? If so, that’s good. I thought you had to give it all those permissions to install the app, period.

  108. niels_k says

    maguay sandbox like an iOS-app. And I am pretty sure that an iOS-app could get the same permissions. The difference: in the Playstore

  109. niels_k says

    maguay you already see what permissions are required in contrast tithe AppStore. And the dude is using a beta-version. On iOS using a beta

  110. niels_k says

    maguay means afaik full trust to the dev eclipse you have to install a cert from the dev. I think iOS > Android but this has a) nothing

  111. niels_k says

    maguay no. You don’t need to give all the permissions and the permissions in Android are even more detailed than in iOS and iOS needed

  112. niels_k says

    maguay some time to come close. For several iOS-major releases we users get a bit more on permissions we can give or not

  113. niels_k says

    maguay the author is correct but you can afaik disable single permissions (apparently auto-update doesn’t work then anymore) and you can

  114. niels_k says

    maguay also do it after you installed. And the Playstore informs you about required permissions.On iOS you are not informed by the AppStore

  115. niels_k says

    maguay and decide when you accept the first time a feature. But an app can ask for accessing your photos for using it in the app but

  116. maguay says

    niels_k I’d still say taking this many permissions by default, in a way that only geeks would know how to turn off, is not good.

  117. niels_k says

    maguay after that you are never asked again. So you can accept photo-access for posting it on social media and in the background it

  118. niels_k says

    maguay uploads them all. Both OS have the same problem. If they wouldn’t do this we would have problem the same experience as when using

  119. niels_k says

    maguay an application like Little Snitch. All the times prompts for accessing some data for a single feature

  120. maguay says

    niels_k Good point on the pictures. I’d never thought of that.
    At least there’s no access to, say, your SMS for now.

  121. niels_k says

    maguay that is good and bad. That makes some apps impossible. Imagine apps wouldn’t be allowed to ask for permission to use your photos

  122. maguay says

    niels_k Hmm. True enough, I suppose. Walled off operating systems bring up far more questions that people never thought about before.

  123. niels_k says

    maguay I saw several times apps on iOS that came up on the first start with several requests for permissions and it is spread out

  124. niels_k says

    maguay in the System Settings where those features are. And when I go through the settings I wonder often: “what when or why did I give

  125. tanmays says

    maguay the fact that Android allows 3rd party apps to read sms’s itself is scary. Such a permission should not even exist! niels_k

  126. niels_k says

    maguay this permission to this app?“ And sometimes I have a hard time finding certain permissions to withdraw on iOS. Imho both have no

  127. niels_k says

    maguay real good solution but Android allows more thus is able to enable more kinds of apps. And both OS have sandboxing.

  128. niels_k says

    tanmays why? If such a permission existed, one could create a better SMS-app than what Apple allows. W/out that it’s not possible maguay

  129. niels_k says

    maguay does it? Does more permissions allow an easier break out of the sandbox? I don’t think that those 2 things are related at all

  130. maguay says

    niels_k If the Play Store lets these apps get all these permissions without requiring the user to opt-in, then yes it does.

  131. niels_k says

    maguay it is, as I have written before, just a question of what kind of apps the provider of the OS wants to enable and which not.

  132. maguay says

    niels_k If you could choose each one individually on first launch or prior to installation, then it’d be better than iOS.

  133. niels_k says

    maguay you opt in/out on install. On iOS you opt in depending on the permission on first use of the permission.

  134. niels_k says

    maguay you can on first launch afaik. Damn I am not at work where I have a colleague who is an Android-nerd

  135. maguay says

    niels_k But is it auto opt-in, or is there a prompt asking you if you want to, say, give it access to your SMS? That’d be the difference.

  136. tanmays says

    niels_k true. But for somethin as sensitive as SMS warrants responsibility on Googles part. Like allowing only verified devs access maguay

  137. maguay says

    niels_k Haha. And I’m speaking with experience limited to cheap Android 2.something tablets, plus extensive iOS use, so hey.

  138. niels_k says

    maguay the point the HN-commentator made was exactly that requesting on first launch is worse than requesting on first use

  139. maguay says

    niels_k If there is a prompt you can say no to, and the app still works, then it’s ok. If not, then it’s a net loss esp. for average users.

  140. niels_k says

    tanmays maguay PlayStore-devs are verified devs afaik. Sideloading is like loading an app on your computer from the internet

  141. niels_k says

    tanmays maguay an I have probably more sensitive information on my computer than my phone. Like SSH- and GPG-keys.

  142. niels_k says

    maguay iirc there is a prompt where you can say no. But honestly how often do we say no. That reminds me that for example the contact-

  143. tanmays says

    niels_k everyone knws how laxed Googles approval process is. And with so many online services relying on SMS verification its scary maguay

  144. niels_k says

    maguay permission was only introduced after the Path-disaster. Before that apps could always just access your contacts. Iirc Android had

  145. niels_k says

    maguay restricted that before. Lots of permissions we get asked now to confirm to where long time auto-opt in without opt-out. I think only

  146. tanmays says

    niels_k by verified I meant those with proven track record. Any one can create a Play Store dev account. maguay

  147. niels_k says

    maguay location was restricted from the beginning and even with that I am not sure. Btw Contacts-permission: what Threema does with that

  148. niels_k says

    maguay and what Whatsapp does is a whole lot different but I don’t get informed by a dialogue about it, just that the app wants access

  149. maguay says

    niels_k Good point. Another good point, as you said before, is that our desktop/laptops are in many ways wide open.

  150. niels_k says

    tanmays maguay We can’t say for certain which apps didn’t get approved by Apple because those devs probably do not necessarily speak out

  151. maguay says

    niels_k Not sure what the perfect solution is, because most people don’t even think about privacy until given a reason to do so.

  152. niels_k says

    tanmays maguay so we don’t know if they don’t get approved or do not get developed in the first place.

  153. niels_k says

    maguay yes. And they don’t even care. Whatsapps userbase grew stronger after they got bought by Facebook.

  154. maguay says

    niels_k Wouldn’t surprise me if every messaging app grew then just because of Whatsapp’s mainstream media coverage then.

  155. maguay says

    niels_k It made “normal” people think they should check out these new messaging apps in the first place.

  156. niels_k says

    maguay but my original point is that iOS and Android have both merits and flaws. And both fanboy-sides tell a lot of BS about the other

  157. niels_k says

    maguay the main weakness of Android is that it seems to be harder to create good looking apps. But over the last couple of years many do

  158. maguay says

    niels_k There’s truth to that. I don’t want to fall on the fanboy side, but want to help people make informed decisions.

  159. niels_k says

    maguay not really care and prefer a lower price over nicer looks. My colleague makes all the time fun about me because looks of an

  160. niels_k says

    maguay application are important to me. For him it is mainly important that it works and has a lot of functions. Good looks are unimportant

  161. niels_k says

    maguay If you want to write about objectively about both you should get a Nexus and try to use it nearly as much as your iOS-device.

  162. maguay says

    niels_k And yet, mobile’s not my main space—web and productivity apps are. Thus the lack of Android devices.

  163. tanmays says

    niels_k Apple straight away rejects apps if it uses unnecessary APIs. Ex. If you use the VOIP API to stay in bg for a normal app. maguay

  164. niels_k says

    maguay there are features I really miss from Android. My colleague uses Keypass and can sync it via BitTorrent Sync between his comps

  165. m_gol says

    @niels_k maguay  So what? You’re informed on first attempt on use; it’s way better than what Android does since no one reads all these permissions (at least most doesn’t) and on iOS you’ll read one when it asks you specifically about it.

    I agree it’d be better to have an option “Always ask”, but still iOS is way better here than Android – if I deny the Facebook app a permission, it still works, it has to. You can’t install the Android version without giving it all those permissions. This means I can install Facebook on iOS and not worry about my private data. You can’t do that on Android.

  166. niels_k says

    tanmays maguay and if you want to create a malicious app that needs certain permissions you can design around the needed API

  167. niels_k says

    tanmays maguay it might be a bit harder but then you could also ask: why doesn’t the user think beforehand. So much paternalization

  168. niels_k says

    tanmays maguay like with applications on phones would be hated in a lot of areas in our life. And if you have an attack and want to use it

  169. tanmays says

    niels_k on iOS you can’t go around API to access outside stuff. Thats the advantage of sandboxing. maguay

  170. niels_k says

    tanmays maguay you find a way. It probably leads to less breaches of privacy but tbh most users just don’t care

  171. niels_k says

    tanmays maguay I am an informed user who likes privacy and I don’t know how often I uploaded my whole address book to a service

  172. niels_k says

    tanmays maguay you can’t either on Android except the device is rooted aka jailbroken. You just have more permissions available.

  173. niels_k says

    tanmays maguay as far as I know. On Androidthe user has to think more but gets more possibilities, on iOS you have a father with a strong

  174. niels_k says

    tanmays maguay hand who knows better than you what you want. Or doesn’t he? It is a question of philosophies and what you want.

  175. tanmays says

    niels_k maguay another privacy benefit on iOS are action based permissions vs a bunch of permissions on app launch in Android.

  176. niels_k says

    tanmays maguay I would never want a restricted system like iOS even if it had multi-tasking with windows on my desktop computer.

  177. niels_k says

    tanmays maguay and I had this discussion beforehand. And many of these action-based permissions are fairly new.

  178. niels_k says

    tanmays maguay and now I need to get some sleep. Had less than two hours last night because of the arrival of a new family member.

  179. maguay says

    niels_k tanmays Ha! You poor guy — get some sleep and spend time with your new little one. I must say I’m jealous :)

  180. maguay says

    johnny_winter Seriously, if people assumed everything that touches Facebook is 100% public, they’d use it a lot more sanely.

  181. johnny_winter says

    maguay I’ve long been bemused by the lasseiz-faire attitude with which, otherwise sensible people, dump shedloads of personal info on web

  182. johnny_winter says

    maguay they can’t spy on me with either android or iOS apps (and I have iPhone 5 and Nexus 5)

  183. nhqe says

    beaumartinez he talks about privacy concerns then tells us he used to have a ‘share everything’ mentality on his old account. wat.

  184. PeterFox says

    @niels_k maguay  Actually no, you can do this is some versions of Android but it was a ‘feature’ released by accident so you shouldn’t rely on it being there or staying there http://readwrite.com/2013/12/13/google-android-permissions-privacy-disabled#awesm=~oAJGO6Oiks7hAm

  185. PeterFox says

    Why this article is 99% inaccuracy and twisted facts:

    1) Talk to an Android app developer about Android System Permission, they’d tell you that Facebook don’t make those permission messages, Google does and they’re not terms and conditions, they’re warnings as to the worse case scenario of what apps CAN do with that permission in place.

    2) You’re using a handset from a Company that is the biggest advertiser in the world, if they thought Facebook could get away with reading all your texts and storing them away they would be doing the same.

    3) Those permissions are used to make it so you can make calls, send and receive SMS/MMS messages and match up contact on your phone, now you’re right most people don’t want this but at the end of the day Facebook wants to own as much as your phone as possible so they add these features, it was mainly to compete with all the IMs out there.

    If you are worried that your messages are being read because of private material then yes, don’t use those apps that apply these permissions, but for the average joe this isn’t going to be an issue. It’s only the subject matter of your likes and statuses that Facebook wants to mine for targeted advertising.

  186. DonchoPapazov says

    @http://www.twitter.com/#!/niels_k trust me Android > iOS. Let’s get to the point. I am also beta tester for Facebook and i value my privacy. So in my case I just stop Facebook permission to take my information. How? I run Facebook on a rooted device, flashed with CM11 (App Ops)

  187. RevilFox says

    gmsmagazine It’s not 100% accurate. Those warnings are written by Android as worst cases of what granting those permissions can do.

  188. gmsmagazine says

    RevilFox The point being that they could if they wanted. You really trust #Facebook? Because I sure as hell don’t!

  189. DannyBrown says

    niels_k As mentioned in the article, I *was* on beta, the screens are from the latest official version in the Play store. maguay

  190. DannyBrown says

    maguay I haven’t seen that option so far, though that’s not to say it’s not feasible. I’m guessing rooting OS is answer. niels_k

  191. niels_k says

    DannyBrown hm,I thought I’ve seen this in Android that I can disable single permssions for an app w/out rooting; at least on stock maguay

  192. AndreaSchiavini says

    They are not stealing your privacy or anyone else’s. They are asking you to give them information about yourself and you are agreeing. It’s strange that you hadn’t to confirm a change in the permission set of the app, on my Android handset everytime the permissions change I get a confirmation request even if I’m on auto update.

  193. RevilFox says

    gmsmagazine I trust them as much as I trust most multi-million dollar companies. But they have a lot to lose if they start abusing this.

  194. says

    There is nothing that could be as scary as when an online application does not protect the privacy. If this is what we get with Facebook on android, then its not a good sign at all. For all the benefits of using Facebook, I would still buy into the idea of sticking with the web version is the mobile version breaches my privacy. 
     This comment was left in kingged.com – the content syndication and social bookmarking website for Internet marketers where this post was shared.  
    Sunday – kingged.com contributor 

    http://kingged.com/facebook-android-zuckerberg-owns-ass/

  195. DannyBrown says

    niels_k maguay That’s the problem right there – “Hidden”. How many mainstream users will know about this?

  196. optom27 says

    maguay I love the detailed permission pane in google play, don’t see the reason why should you skip it before installing app

  197. optom27 says

    maguay it’s already shown in tutorial itself, only notable thing is when app requires new permission, then i will send you a screenshot

  198. optom27 says

    maguay i don’t use facebook, but once you root the android phone you can control permission and background services of any app and system

  199. optom27 says

    maguay i keep a host file and update it with scripts to block intrusive ads, today i am adding dnscrypt to it, let’s see if it works

  200. says

    Sunnywilliam  I read an article over at Hacker News about the announcement Facebook will be offering free calls to Messenger users. Not encrypted. Awesome.

  201. Karusan says

    Should also note that when you delete your profile, it is not actually deleted as an Irish group of law students found out.  Facebook just deactivates the account from public viewing but they still have all the data stored for their “improvement” purposes.

  202. says

    AndreaSchiavini  Agreed, and that’s why I used the term “invasion of privacy” as opposed to stealing. At the end of the day, it is user choice – the problem is, too many don’t realize what app permissions require.

  203. says

    Karusan  Yep, I recall an issue with Klout a while back as well, where deleted accounts could still be viewed, along with demographic data when looking at the source code. So much for respecting users’ requests.

  204. says

    PeterFox  Just 99%? Damn, I’m slipping, I usually try for 100% BS. :)
    You raise some good points, but I’m not sure I agree on Android/Google as being the key driver of Permssions (I actually know a couple of devs that work on a lot of Android products). While it’s Google’s system, as you mention, other apps from the main social networks don’t have that kind of language in there (at least, not yet). The only one that’s close is Twitter, and that’s just to receive SMS messages (not read them).
    It’s exactly the average Joe that this affects more, though, since they’re the users who generally don’t dig into the Permissions (or aren’t aware of how deep some of them can connect). 
    Given that Facebook is going hardcore after mobile ads as a key source of revenue, I’m wary of suggestions that they wouldn’t want to access more mobile data. As I mentioned in the article, I’m in marketing so data is key – but there’s always a line that shouldn’t be crossed and, for me, this update and Permissions is one of these.
    Thanks for the thoughtful comment, appreciated.

  205. DonchoPapazov says

    Danny Brown mmahdi  bro if you are running Android 4.3 just install App Ops from the market. In other case just root, flash some bad ass rom (don’t forger to flash recovery) and you are good to go 😀

  206. rajatkhanduja says

    Before I begin, I’d point out that I am not defending Facebook at all.

    So, I have been worried about all these apps asking for weird permissions and I was glad that CM11 allowed me use Privacy Guard to restrict the permission these apps had. Moreover, I could check how many times these permissions were requested and how often were they granted/denied (depending on whether or not I had let the app access it).
    The Privacy Guard tells me that the Facebook app hasn’t tried to Read SMS DB or modify call logs ever! So, what does it need those permissions for? Here are few things where the app might ‘legitimately’ need those permissions :-

    1. Facebook (the app and messenger) seem to offer some way of calling another user directly through the app. I have never used that feature, but I guess using that would require the app to have ‘call’ permission. Moreover, to make it convenient, probably adding it to call log would also make things easy. So, that’s where it would need the ‘modify logs’ permission.

    2. Calendar related permissions could help provide easy integration with the Facebook calendar

    3. Contact (reading and modifying) is relevant for syncing contacts. 
    4. Not sure why Facebook app needs SMS permissions, but the Messenger app also offers the feature of handling your SMSes, for which you’d need those permissions.

    I think, as you do, that most of these things should be opt-in and not enforced. I have found my solution by using Privacy Guard, letting them access only things I want them to access, letting go of features that I don’t think add much value. I wish most apps would respect that choice and freedom.

  207. JsUnMrTn says

    SuperAshPash Settings -> Apps -> find Facebook then App Settings or w/e. don’t have a phone to go through it.

  208. RonPlaybook says

    DannyBrown fundraisinisfun Google /Android is the worst. Look at the embedded Apps in Android and you will see the same access demands

  209. RonPlaybook says

    DannyBrown fundraisinisfun This is why I will never personally own a Goigle/Android device. I’ve been weening myself off them for awhile

  210. RonPlaybook says

    DannyBrown fundraisinisfun miriamschwab Get a BlackBerry Z30 and feel comfortable about using you Superphone…I Love my #Z30

  211. AlexGarcia5 says

    So my phone has my work email on it.  My ITAR, go to federal prison if you show it to a foreign national, email on it.  Guess I don’t have Facebook on my phone anymore.   Lawyers probably have to remove it to protect clients.  Journalists to protect sources.  SERIOUS OVERREACH in the APP TOS.

  212. I_am_me_who_RU says

    Lilith_VvvV Euphony101
    thank god I don’t have that on my phone very creepy but yet no surprise ty Sis AnonVengeance

  213. Euphony101 says

    I_am_me_who_RU Lilith_VvvV AnonVengeance Pl send this to all Anons. Such demons must be brought to justice & made to pay a bitter price.

  214. Chris says

    Facebook’s access to this information is, like all apps, opt-in. You Opt-in when you choose to use the service. Don’t like it? Uninstall! Everyone should quit whining about all of the “invasion of privacy” garbage and read the TOS and requested permissions. They are very clear in the permissions about what you are allowing them to do. Nothing is hidden. If it bothers you, then don’t use the service. If you feel they are asking for to much data, too bad. If you choose to use Facebook, the you choose to give them your life story. It’s not Facebook’s fault you were too big of an idiot to read what you were getting yourself into.

  215. says

    @Chris  As you can see from the post, Chris, I did uninstall. The article was written to highlight the new Permissions to users that may not be aware of it. Speaking of ToS, do you read every single word of every single ToS for services, apps, installs, CMS’s, etc, that you use? Since, if you do, you’d be about the only person on the planet that does. 
    Thanks for the tips.

  216. says

    rajatkhanduja  There’s a difference between call access and read access. Twitter doesn’t need read access, they simply use receive texts as the datapoint; so it seems Facebook is making users adhere to non-essential Permissions. And given the news that’s they’re removing the chat feature from the app to force you to use Messenger, it seems a deliberate move to access more data.

  217. says

    Hi Danny, here is an update, don’t know if you saw this-
    http://www.businessinsider.com/zuckerberg-makes-you-download-app-2014-4?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+typepad%2Falleyinsider%2Fsilicon_alley_insider+%28Silicon+Alley+Insider%29

    I think they are going to get around it by removing messenger from the main Facebook app, that way they can have 2 privacy policies, one for those that value it (to a certain extent) on the main app and those that don’t care (separate messenger app). Facebook doesn’t say this in the post as they give a spin type answer that most tech savvy people won’t buy. The ironic thing is that some people are not happy about this, thus this Mashable post. 

    http://mashable.com/2014/04/09/pulling-messenger-facebook-mobile-terrible/?utm_campaign=Feed%3A+Mashable+%28Mashable%29&utm_cid=Mash-Prod-RSS-Feedburner-All-Partial&utm_medium=feed&utm_source=feedburner 
    Anyways, onward my friend. 
    Jamie

  218. says

    JamieCrager  “Making it less of a friction experience”? They actually expect people to buy that twaddle? Less friction would be the ability to interact as seamlessly as possible regardless of channel – app, mobile Facebook, or desktop. Having to witch between apps to experience the same platform? Yeah, that’s really frictionless…

  219. says

    Danny Brown JamieCragerYa, that’s what I thought. If you know anything about tech, social, apps, etc., no one is gonna believe what they are putting. out. I agree, a unified & simplified app is less resistance.

  220. says

    Danny Brown JamieCragerYes he did. It is poorly substantiated and some of his points are redundant. It is obvious he wrote the post in 5 min. just to get it live and be the first to write a post on it. With that said, between us, I’m sure we could come up with much better reasons like “adding friction, instead of less” to the argument, however if it is true that it will allow a kinder privacy policy on the main app, people may like it. I’m sure you can make great cases either way.

  221. DenzilDoyle says

    I am totally confused how much social apps do you have on your phone? Zero? Most social apps have some of the same privacy messages you showed in the screenshot above. These messages are not specific to Facebook, Google can also reads read your message and contact and call logs.

  222. StuartHarland says

    Whilst I can understand why you have some concerns – the idea that they can access all of your data without oversight is slightly concerning – the premise is more about their idea of integration than accessing everything you ever do. For example FB messenger can send and receive SMS in place of your normal phone’s capability.  Someone decided that that was a desirable function hence them needing access some of the stuff they request.

    The trouble you get with that is that android market place doesn’t give you the option to limit certain privileges. Ergo they either ask for all of what they need to do certain things, or they ask for none of them and have to leave out the above functionality entirely. Unfortunately when you install the app, there is no way to say “oh I don’t want that bit” and disallow the privileges required to make that bit work. This is a flaw with android, not Facebook. Android would say “we can’t do that” because it would make application install far more complicated and they have to cater for the Luddites out there.

  223. says

    StuartHarland  To a degree, yes, I agree, Stuart – the Android marketplace is certainly less controlled than the Apple’s equivalent. Yet speaking to devs who work in both, their overarching agreement is that Facebook is duplicitous in the Permissions their app asks for. Their explanation boils down to the need to read for security with regards two-step log-in; yet this feature is markedly missing from Twitter, for example, who only read the Receive Texts option.
    Given the news that Facebook are removing chat from the main app and forcing people to download Messenger, Facebook’s reasoning it’s needed for that function has lost its validity.

  224. StuartHarland says

    Danny Brown StuartHarland  I guess it comes down to the difference between “need” and “want”. They are justifying it from the point of view of simplicity – supposedly it’s far easier for them to write some code that reads texts from them to confirm you are logging in from your phone than using some interaction between the phone, the user and the app. However when you use two stage authentication with say a laptop – or any other device other than the phone you have registered with facebook for that matter – you have to do precisely this. Ergo ultimately this argument about two stage authentication is somewhat mute and involves extra overhead without any real justification. 

    As a result I would agree with you that their excuses are duplicitous, although that shouldn’t necessarily be translated as “FB want to read every SMS and record every phone call for ulterior motives”. 

    Ultimately it’s really about marketing. Facebook for android is basically trying to tie you into their platform for everything you do on the phone. There is a reason they want you to send SMS via their app, or initiate your phone calls through FB as opposed to via the phone’s inbuilt contact list. That reason is marketing. If you come out of FB to use your phone as a phone, you’re not exposed to their ads. Thus they make less money. 

    Personally I do not want those features – which is why I have them disabled in the app. However unfortunately there are people out there who do. As a result there is no middle way in Android to say “oh he doesn’t like that so we can disable it”. There should be and it’s mostly Google’s fault for designing it that way. 

    In terms of the moral bit, I’d imagine the UK data commissioner and most likely the EU Commission would be interested in what is and isn’t acceptable here – They have mandated tracking should be optional for the web. Perhaps they should do something similar for phone apps. After all the current design paradigms for android are “either accept it and use the app” or “deny it and lose out”.

  225. StuartHarland says

    @Chris  The problem with that argument is that it is so pervasive that in some fields you are essentially cutting off your nose to spite your face.

    If you walked into Walmart you wouldn’t expect to have to give over your communication details in order to buy a pint of milk. Any person would turn round and say that that is excessive and an invasion of privacy. However because it’s an app on android, the rules suddenly change. All of a sudden you’re put in a position of having to make the choice of convenience over potential safety issues associated with giving away too many rights.

    This issue isn’t just related to FB. There are plenty of apps out there that request access to rediculous things that they have no business needing. Yes you can choose to leave them out, but if you walk down that route too far you might as well become a hermit in a hole for all the good it will do you.

    The solution is better guidance and enforcement. Why does FB need this? If they can really justify it, then sure. Otherwise they should be influenced to stop it – or at least give you more control over your data.

    Beyond that, how many teenagers do you know who would say “no” to these terms in today’s culture and what that would mean in their social standing. There is such a thing as coercion, and their current track is very close to that.

  226. says

    Maybe I’m the only one that could care less about privacy as I don’t see a big deal here. Seems like pretty standard permissions if I want a messaging app to be able to message people on my contact list…

  227. says

    ScottAyres  If the piece was about the Messenger app, I’d agree (and there’d also be no article, given I’ve written previously about the Messenger app, as linked to in the post). But it’s about the main Facebook app – and, given Facebook’s recent announcement they’re removing messaging from the main app to force you to use Messenger, there’s even less need for some of the Permissions highlighted in the piece.

  228. docfox says

    Hi Danny
    If we are to believe facebook, the sms issue is just for the initial activation message. ‘if’ being the key word. I am sure you are aware of permission manager which can modify ap permissions, post instal. eg https://play.google.com/store/apps/details?id=com.gmail.heagoo.pmaster

  229. says

    docfox The problem is, other services with the “same” set-ups don’t require the Read and Write part (compare to Twitter, for example). Also, the majority of “average Joe” users won’t know about apps that deal with Permissions, etc. Nor should they be expected to, if developers and vendors played straight from the start.

  230. DaveWilson2 says

    Danny, being that you’re a writer and likely have more time to analyze things and then write a cohesive article n the subject, would it be possible for you to write a NEW article that outlines just why these permissions MIGHT ACTUALLY be needed as opposed to your paranoid view of why Facebook should care at all about you as a person?  Maybe there are actual, legitimate reasons for these permissions.  Maybe Facebook ISN’T the Devil but rather is just limited in how they can possibly word things to make lawyers happy as well as the paranoids of the world.  Maybe it’s Google’s fault that Facebook needs to go through these hoops in order to function on Android.  
    This comment is about all the time I want to waste on this.  I am not important enough for Facebook to care about.  I also don’t take part in illegal activities so they’re free to know whatever they want about me.  They will be quite bored in 20 minutes and move on.

    • says

      It’s an example used to compare with Facebook. The point being, I trust Jacki with my texts, but she’s never asked to read them, and this is my wife. So why on earth would I let a faceless entity, that’s shown numerous times before it can’t be trusted with your privacy, access? No thanks.

      • Christopher says

        Agreed! Knowledge is power… To add to the old axiom. Absolute power corrupts, absolutely! And absolute knowledge is absolute power!
        If you had billions of dollars at your disposal, and you had absolute knowledge and absolute power could you really stop yourself from wanting to be king… and then making that happen? Think about it!

Trackbacks

  1. […] So I continued using the old app until it expired, and Facebook automatically switched to the new one.  When I realized this, I deleted it off my phone.  I share a lot of info on the internet, and as a general rule, I’m not paranoid.  But I’m not voluntarily giving permission to Facebook to control/monitor my life.  Here’s an article on the same subject: Facebook for Android and Why Zuckerberg Now Owns Your A$$. […]

Comments