Earlier in the week, the internet blew up over Facebook’s distribution of Messenger, their new instant messaging app (the much heralded WhatsApp they purchased for $19 Billion in February). The concern was over “revelations” about the invasive permissions the app was demanding on your cellphone once installed. For those of you dear readers, particularly friends and family, who don’t consider themselves to be living on the hairy, bleeding edge of technology but want to be safe in your mobile device (yeah, that’s the en vogue term for “cell phone” now), let me endeavor to help separate wheat from chaff.
While available for iPhone (which run’s Apple’s iOS operating system) and Android (the Google operating system on phones like Samsung’s Galaxy line or Amazon’s Firephone), as far as I can discern, the uproar developed quickly in response to Messenger’s Android Terms of Service which request a wide range of apparently invasive permissions, including the power to call phone numbers and send texts without your oversight. Given the fact that Facebook is doing all they can to move their users to Messenger as quickly as possible (in other words: FB users are being assaulted by requests/orders to install Messenger on their phones, from which a huge percentage of Facebook usage originates…particularly instant messaging).
Per the Huffington Post’s Sam Fiorella, Messenger can:
- Change the state of network connectivity
- Call phone numbers and send SMS messages
- Record audio, and take pictures and videos, at any time
- Read your phone’s call log, including info about incoming and outgoing calls
- Read your contact data, including who you call and email and how often
- Read personal profile information stored on your device
- Access the phone features of the device, like your phone number and device ID
- Get a list of accounts known by the phone, or other apps you use.
… so if you download Messenger on an Android phone, as many millions have already done, you give Facebook theoretical permission to look at virtually everything you do. Things operate a bit differently on an iPhone under iOS, but the basic (which I am about to explain) are fundamentally the same).
These kinds of permissions are not only common, but (if you think about them for a moment) necessary for the apps that request them to do their jobs, inasmuch as they actually require large amounts of personal data to do what we want/expect them to do. Whether its viewing what Wi-Fi networks we are attached to and the devices on that network or viewing our contacts or call logs, these actually (for better or worse, are fairly common. This is not say its not an important issue – I am just attempting to point out: you may already be granting these permissions to other apps that might not be quite so forthcoming about what they require to do their job.
Consumers’ unease is understandable, particularly since so few of us have any idea what we give apps permission to do. According to one study, it would take the average person 250 hours a year to read every terms of service he encounters on the daily — which justifies why fewer than one in 10 people actually read the terms in full.
In fact, our collective ignorance over this whole app permissions thing probably explains the hullabaloo over Messenger. Yes, it’s potentially “insidious,” to quote Fiorella, but so are Viber, MessageMe and virtually every other popular messaging app, all of which request comparably creepy permissions. On my insidiousness scale, at least, that ignorance of the devices and programs we use every day probably ranks higher than one overreaching app.
Now, I think it might appear that I’ve undersold the privacy concerns represented by Facebook Messenger’s permission requirements: fair enough. This concern was highlighted a few weeks back when the standalone Messenger app permissions were updated to now include access to call records, as well as access to the phone’s mic and camera and contact data. Messenger now wants to do the following and asks for blanket permission upon install or update:
“Record audio with the microphone … at any time without your confirmation”
Take videos and photos using the camera
Access the phone’s call log
Read data about contacts stored on the phone, “including the frequency with which you've called, emailed or communicated in other ways with specific individuals.
Essentially, Messenger could essentially spy on a user and keep track of mobile usage and habits, and even conversations. The issue tracks across mobile phones as the features requiring these permissions are common across platforms (the same problem on Android phones would exist on Apple’s iPhone, Windows Phones, etc.).
Granted, Facebook is known to keep track of usage, content and user information in order to aid its targeted ad campaigns for advertising clients. Google does this, Amazon does this… what do you think Google is doing distributing the Chrome Browser for free? So-called “free” services like most social networks, email providers and other cloud services today, are free because they profit from advertising and other commercial revenue arising from their ability to track and analyze user behavior. Therefore, we can expect social networks and even services like Google’s AdWords to target commercial messages based on our interests — some of these messages, you may find, are actually beneficial to you. I've certainly been pleasantly surprised (not that they found their way to me, but that those companies tracking/selling my information were actually providing me a service that I found of value!).
The problem, however, is that the claim that private messaging is “private” in the first place. There is a class action lawsuit now filed which purports these to be a misrepresentation. Representing to users that the content of Facebook messages is ‘private’ creates an especially profitable opportunity for Facebook (or, similarly, Google, Apple, Spotify, Amazon, etc.), because users who believe they are communicating on a service free from surveillance are likely to reveal facts about themselves that they would not reveal had they known the content was being monitored.
The class action lawsuit seeks up to $10,000 in damages for each Messenger user in the US. Facebook, however, maintains that the allegations are “without merit” and it intends to “vigorously” defend itself from the lawsuit. This ought to be interesting, don’t you think? Make no mistake: it will represent an historic decision in a confluence of economic and privacy rights.