, , ,

Apps and permissions: Is Facebook Messenger spying on us?

Apple's World Wide Developers Conference Begins In San Francisco

Google Play’s app permission system is meant to inform users of how far into our data and device an application will be able to access before we install an app, or before updating an app with revised permissions. But most users are not likely to bother reading the entire thing, which means we may already be allowing some apps to eavesdrop on our conversations and track usage by accepting app permissions.

Such is the case with Facebook, which has, time and again, been accused of invading into user privacy. This concern was highlighted a few weeks back when the standalone Messenger app permissions were updated to now include access to call records, as well as access to the phone’s mic and camera and contact data. Messenger now wants to do the following and asks for blanket permission upon install or update:

  • “Record audio with the microphone … at any time without your confirmation”
  • Take videos and photos using the camera
  • Access the phone’s call log
  • Read data about contacts stored on the phone, “including the frequency with which you’ve called, emailed or communicated in other ways with specific individuals”

Android Messenger app permissions

In short, the Facebook app could essentially spy on a user and keep track of mobile usage and habits, and even conversations. The issue transcends Android, actually, as Facebook’s Messenger service has been criticized of tracking data across other mobile and desktop platforms.

Facebook Messenger under fire

In a recent class action lawsuit filed in California, Facebook has been accused of tracking URLs sent or received by users in its Messenger service, which includes the standalone Messenger app and the private messaging service built into Facebook. According to the plaintiffs, Facebook is profiting from the data gleaned from supposedly private conversations.

Granted, Facebook is known to keep track of usage, content and user information in order to aid its targeted ad campaigns for advertising clients. So-called “free” services like most social networks, email providers and other cloud services today, are free because these profit from advertising and other commercial revenue arising from their ability to track and analyze user behavior. Therefore, we can expect social networks and even services like Google’s AdWords to target commercial messages based on our interests — which can be beneficial, after all, if we don’t want spammy and unrelated messages.

The problem, however, is that the claim that private messaging is “private” in the first place, which is a misrepresentation, according to the plaintiffs’ lawyer.

Representing to users that the content of Facebook messages is ‘private’ creates an especially profitable opportunity for Facebook, because users who believe they are communicating on a service free from surveillance are likely to reveal facts about themselves that they would not reveal had they known the content was being monitored.

The class action lawsuit seeks up to $10,000 in damages for each Messenger user in the US. Facebook, however, maintains that the allegations are “without merit” and it intends to “vigorously” defend itself from the lawsuit.

Cause for paranoia?

Will you still use Facebook Messenger knowing that the app can automatically keep track of your activity by monitoring content and even turning on your phone’s mic and camera at any time without alerting you? Do you actually review each item on an app’s permissions page before installing it? And are there instances when you decided against installing an application because of the level of access it wants from you?

Sometimes, access to a device’s resources, such as the camera, mic, contact list and call log, might be necessary in ensuring a smooth user experience. For instance, Messenger can be used to make VoIP calls, after all. And the latest version matches users with your phonebook entries, so you can use the app to chat with people in your address book, but who may not yet be your friend on Facebook itself. But such unfettered access might be prone to abuse, and there’s no knowing what app developers can actually have their applications do? Add to this the ever-looming threat of the NSA eavesdropping on all our conversations.

It’s bad enough that a reputable developer such as Facebook would be accused of spying on users through its mobile application. Imagine the potential danger and damage that could be caused by a malicious developer that distributes apps that pretend to be the real thing, but are, in fact, fake. In an increasingly connected and mobile environment, is our private data safe and secure at all?

Image credits: Info Wars