comscore
News

Facebook email dump shows employees discussing ways to harvest call and SMS data of Android users

Facebook's new year could be filled with multiple parliamentary probes.

  • Published: December 6, 2018 3:12 PM IST
Facebook shared user data with 60 companies including Samsung, Apple,सावधान! 6 0 कंपनियों को बेच रहा है फेसबुक आपका डाटा, सैमसंग और एप्पल भी हैं शामिल

Early this year, reports emerged that Facebook has been collecting call, SMS and MMS data form Android app of its users. A report from ArsTechnica suggested that Facebook has been exploiting a loophole in Android to harvest call and SMS metadata without seeking consent. In response, Facebook said it has been collecting metadata through Facebook Lite and Messenger but seeks permission from users during the setup.

Now, Facebook’s credibility with data practice has once again come under the scanner after internal documents were made public by the UK Parliament. The documents show Facebook employees discussing how they can circumvent Android’s permissions request feature to access SMS and call history. The documents were collected from Six4Three, a company that made an app to look for bikini pictures of Facebook contacts. Six4Three sued the social media giant after it restricted developers from access to data in 2014.

Source: The Verge

During the discovery phase of its lawsuit, Six4Three uncovered documents that detailed Facebook’s internal policy and revealed privacy gaps in the Facebook partner API. Some of the incriminating information, if unearthed earlier, could have helped avoid the Cambridge Analytica scandal. The documents, recently procured by UK Parliament via rare use of power, sheds more light into gaps in privacy policy.

Source: The Verge

One of the documents received by the UK Parliament was a message thread from February 4, 2015, in which one Facebook employee wrote that the addition of a “read call log permission” would be “pretty high risk from PR perspective”. Another employee responded that Facebook’s “Growth” department was looking at a way to get call log permission without asking users permission via standard Android permissions dialog.

Facebook seems to have exploited a pre-Android 4.1 permissions practice which automatically granted call and SMS access together with request to access contacts. This email exchange shows how Facebook’s own employees were afraid of such a practice and it seems clear that Facebook exploited Android APIs to inexplicably gain access to call and SMS data.

The email thread further reveals that Facebook planned to use this data to enhance the ‘People You May Know’ feature and improve the feed ranking. Alongside, it was also revealed that Facebook whitelisted large tech companies including Netflix and Airbnb while it imposed data restrictions on developers in 2014. It means Facebook gave green card to these tech platforms to access user data while other developers were curtailed from such an activity.

“As we’ve said many times, Six4Three — creators of the Pikinis app — cherrypicked these documents from years ago as part of a lawsuit to force Facebook to share information on friends of the app’s users. The set of documents, by design, tells only one side of the story and omits important context,” Facebook said in a press statement.

Watch: Apple MacBook Air 2018 Hands-On

Facebook has been hit with allegations after allegations all through this year, starting Cambridge Analytica in early 2018. The trust on Facebook among internet users is at all time low and there are even talks of US government imposing restrictions on Facebook’s business practice. With a new Democratic House leading from January of 2019, the fortune of Facebook could be disrupted with the US government adding new governance against its business practices.

  • Published Date: December 6, 2018 3:12 PM IST