Facebook harvested phone call and SMS data from Android users for years - Sensationalist Headlines

Facebook scraped call, text message data for years from Android .. This past week, a New Zealand man was looking through the data Facebook had collected from him in an archive he had pulled down from the social networking site. While scanning the information Facebook had stored about his contacts, Dylan McKay discovered something distressing: Facebook also had about two years' worth of phone call metadata from his Android phone, including names, phone numbers, and the length of each call made or received. https://twitter.com/dylanmckaynz/status/976368845635035138?ref_src=twsrc%5Etfw&ref_url=https%3A%2F%2Farstechnica.com%2Finformation-technology%2F2018%2F03%2Ffacebook-scraped-call-text-message-data-for-years-from-android-phones%2F&tfw_creator=thepacketrat&tfw_site=arstechnica If you granted permission to read contacts during Facebook's installation on Android a few versions ago—specifically before Android 4.1 (Jelly Bean)—that permission also granted Facebook access to call and message logs by default. The permission structure was changed in the Android API in version 16. But Android applications could bypass this change if they were written to earlier versions of the API, so Facebook API could continue to gain access to call and SMS data by specifying an earlier Android SDK version. Google deprecated version 4.0 of the Android API in October 2017—the point at which the latest call metadata in Facebook users' data was found. Apple iOS has never allowed silent access to call data. Time for this shitty site to go.

United States v. Facebook? Would love to see Facebook get their ass handed to them by the Supreme Court.

Yeah, I should have kept note when I downloaded my archive and discover that the FB app logged my calls from Jan 2016 to Aug 2016 That was the time I broke my S5 and had to replace it with a crappy smartphone until I upgraded it on August. I guess the permission on that phone was on by default, but fuck me for breaking my phone and not checking permissions in the first place :/

How does this take a New Zealand man to figure this out? How did all the privacy watchdogs not find out earlier?

FWIW: i can't replicate this, had an FB account since 2009, had Android phone since 2011

To think of all the times people called me paranoid when I told them they are being tracked, and then this news come out, which is even worse than what I imagined.

Cook County filed a lawsuit against Facebook and SCL Group on Friday for fraud. Hopefully this is the first of many, many lawsuits.

Boy am I glad I never bothered to make a Facebook account.

Well just an account isn't a bad thing. Problem here is using the app on android. I never used it, so they don't have anything from me there.

If you granted permission to read contacts during Facebook's installation on Android a few versions ago—specifically before Android 4.1 (Jelly Bean) you would have had to set the setting six years ago and not have changed it since, meaning you would migrate everything from phone to phone to keep it going

they've been targeting ICS for quite some time up until google said no i had permissions granted from the get go

Saw this coming a mile away when they offered to use messenger for your SMS client

really tiring how the facebook app & messenger combo comes pre-installed with just about every phone I've ever bought. first thing I do with new phones is either disable it, or completely uninstall it (as much as my phones have let me with bloatware garbage like that)

Thats why you don't allow that stuff. Also, Facebook has a feature that allows you to use Messenger to make phone calls and text message from the app so that's why they have it.

Well as an android user for the better part of most my life then I'm sure I'll find call records going as far back as 2013 This is so fucking shit

It seems like all the major, popular sites these days are doing something stupid, shady or downright scummy. At least, more so than usual.

Deleted my Facebook a while ago, I just never used it. Then all the recent news broke and now I know I made the right decision. Even though I've always been an iOS user and never had anything like this scraped from my phone, they've got a shitload of other data on me just from the ways that they track people across the net, not to mention all the things I voluntarily gave them.

So me refusing to have the facebook app installed on my phone wasn't unreasonable. I was forced to have the messenger app for a few weeks though and I currently have what's app which I was removing regardless since I don't use it anymore. Hopefully they don't scrape your phone but knowing facebook they probably do.

I wish I could delete facebook, but my friends all communicate social events through it, so I'll be out of the loop if I bail. I barely ever post on it though, and I intend to keep it that way.

Yeah, when facebook removed me from the platform, it became a lot harder to keep in contact with what my friends were planning. I've never been to an event since, and that was over three years ago I still talk to some of them over twitter and the odd yearly convention when we run into each other. I could cope with it pretty easily though

As if I needed any more reason to drop that shithole of a site.

I found this going through my archive just around this morning. I noticed after a few seconds the contact info it had was all from my old Android phones which carried your info over onto new phones because one of the numbers belong to someone I don't work for anymore and had lost his number when I changed to an iPhone. I always refused to install the messenger app on it and ended up not seeing a lot of messages

After I got my nexus 5X i just didn't install Facebook, haven't regretted it once.

I've actually seen this myself several days ago. I just figured this was common knowledge as anyone can download a backup of what FB has on you...

Man its a good thing I've practically used Tinfoil for Facebook for the vast majority of time I've had an android phone.

Just because you're not paranoid doesn't mean that they're not after you.

Unable to replicate; as noted in OP, this appears to be an 'opt-in' where Facebook prevented you from opting out. If you never opted into Facebook's Contacts permission back when Android phones became the Next Big Thing, you're safe from this specific attack.

Sorry if I am just a bad reader but is all this stuff Facebook doing illegal? I mean there has to be fine print somewhere that you agreed to when signing up for Facebook. Don't get me wrong I hate big data collection as much as the next guy but what is the legal standing of this?

Think of what this would mean if you had a stalker that got access to this info

Fact Check -- direct from facebook https://i.imgur.com/nDko1qj.png