More fallout has come from Facebook and how it handles user data. ArsTechnica has been able to confirm what many users were sharing on Twitter: Facebook had been logging user call logs and text messages for years on Android devices, after users granted access to contacts:
This past week, a New Zealand man was looking through the data Facebook had collected from him in an archive he had pulled down from the social networking site. While scanning the information Facebook had stored about his contacts, Dylan McKay discovered something distressing: Facebook also had about two years’ worth of phone call metadata from his Android phone, including names, phone numbers, and the length of each call made or received.
Downloaded my facebook data as a ZIP file
Somehow it has my entire call history with my partner's mum pic.twitter.com/CIRUguf4vD
— Dylan McKay (@dylanmckaynz) March 21, 2018
As for Facebook’s response to the findings?
“The most important part of apps and services that help you make connections is to make it easy to find the people you want to connect with. So, the first time you sign in on your phone to a messaging or social app, it’s a widely used practice to begin by uploading your phone contacts.”
Facebook said contact uploading is optional, and permission is explicitly required from apps to access contacts. Also, users are able to delete contact data from profiles via a web tool.
Basically, if users allowed an app to read contacts during Facebook’s install dating back to Android 4.1 in 2012 (Jelly Bean), call and message log access was granted as well by default to the social network, unlike iOS, which does not allow access to these logs.
Facebook has been under intense scrutiny for its handling of the Cambridge Analytica user data scandal and is currently being investigated by Canada’s Privacy Commissioner and the FTC in the USA.
Note to self: never let an app have access to my contacts. #neverforget