Skip to main content

Individuals need to take some responsibility for their data privacy violations

I'm talking about the aggregate of evils regarding our privacy that Facebook has been caught doing red-handed, which finally has reached peak evil when it was found to be abusing Android permissions to scrape your call logs because it has your attention right now and this is important. Except the company wasn't really abusing anything and is just really really good at grabbing all of your data and that's just as important. It went pretty much like so:

  • Old versions of the Android READ_CONTACTS API bundled your call logs with a contact into the data about the contact itself.
  • Facebook wants you up upload your contacts so you can see others who also have the Facebook app installed (and can spam the ones who don't) and someone noticed that they could scrape the call logs and get information about who you called, who called you, when, and how long you talked.
  • Facebook being Facebook didn't bother to tell you it was doing this, but did say in their privacy policy that you can see and remove any data they have about you if you like so technically they were above the board here.
  • Android was updated and access to call logs was split out of the READ_CONTACTS permission.
  • The old permission still applied if you had an old phone, didn't revoke it yourself by reinstalling the Facebook app, or had a version of Facebook that was baked in and you didn't have any control over any of this to start with.
  • When you finally did update and saw the new permissions, you probably didn't read them and tapped install anyway. If you did read them, you probably didn't understand them and didn't bother to find out what they meant.
  • Zuckerberg buys a volcanic island and begins plans for his doomsday device. Probably.

I'll start by saying what we're all thinking and can all agree on: that's all seriously messed up. But a lot of it is our own fault and that's not something anyone wants to talk about.

Google may be able to "fix" this but then we shift trust and responsibility from one company that makes billions from our data to another.

Google should have never let this happen. Another thing most will agree with but is that really what we want? Google cannot see the future nor read anyone's mind. Some of the smartest people in tech work for Facebook and they simply found a way to game a system and they did until they had to stop. You can bet that there are smart people working at places like Facebook and trying to game the current system, too, because your data is what makes these companies worth billions of dollars. More of your data equals more dollars and if you can bring in more dollars to the company you work for some of it trickles down to you. And it's not Google's responsibility to monitor what you install and what you don't; it's only there to enforce the rules as best it can and update the rules when it thinks of a better way.

We also can't ignore that people have been telling us all that Facebook was a super shady company for a long time. This isn't even the first time the call-log scraping has been brought up to mostly deaf ears. And we've been told to read permissions and EULAs and everything else we have to agree with before we tap the Yes/Install/DO IT NOW buttons and largely ignored that advice, too. We've been given plenty of information that should have made us take a closer look at what Facebook was doing and most of us chose to ignore it because we didn't understand much of it or simply didn't care.

It's obvious that this all wasn't good enough or that nobody cared. We don't need to look any further than Facebook's current permissions that include the ability to pull all of the data from your call history and then check to see how many installs the app has to prove it. It's right there in black and white now and has been for a while, but people either trusted that Facebook would never do such a thing, didn't bother to even look at the permissions, or saw them and installed the app anyway.

I think and sincerely hope that it's just the difficulty of keeping track of it all and not that nobody cares.

Picking on Facebook is easy because it is so bad. But all of this goes for every app on every screen.

What's less obvious is how it can be fixed. If you're that person who doesn't care what type of information Facebook has on you and is OK with them doing whatever they like with it, you have nothing to worry about here. Please be sure to delete me from your contacts if I happen to be in them, by the way, because I care and Facebook also tries to build a profile on me based on any data you have about me without asking either of us for permission. For everyone else, it's simply time to take some responsibility and police our own actions. That's easier than you might think and here are a few tips to get you started.

  1. Know what you are giving a company and what you get in return. That means think about all the data a huge company like Google collects from you and how they handle that data then decide if it's a good deal for you. It also means to think small and decide if it's worth letting Toyota have access to your contacts so that your car can announce a caller by name while you're driving. Everything is give-and-take, and you need to make sure what they are taking is worth what they are giving.
  2. Every piece of software on every device with a screen has terms you need to agree to before you start using it. Read them. Read every word and question anything you do not understand. Question the answers you get, too, until you're satisfied.
  3. Decide what services you need versus what services you don't. Do you really need Alexa and Cortana and Google Assistant and Siri and Bixby and Roscoe's Rib Rack's automated drive-thru knowing everything about you? Keep the things you need (as long as you're comfortable with the terms) and ditch the things you don't.
  4. Don't sign in to your new Android phone during the setup. Skip past and get everything running so you can see what you might want to uninstall or disable before you've logged in with your Google account. Once you've deleted and disabled the huge amounts of spyware and garbage that companies love to install on your new phone, open the Gmail app and you'll be sent to the sign-in process.
  5. If you find apps on your phone that you can't disable or delete, find out why. The answer could be because of a legitimate need (many Android apps depend on other apps being in place to work) or it could be because that app is from a company interested in things you do and places you go and wants to send data back to the mothership. If, for example, you're not OK that some Android apps need Chrome to be installed and not disabled, make sure your next phone doesn't have Chrome installed. Or iTunes. Or OneNote. Or whatever.
  6. Use some common sense. And it's OK to ask questions if you don't trust your own common sense, too. Nobody is a walking encyclopedia that knows the right answer to everything and you'll always be able to find someone who is an expert on the things you aren't.

The old saying goes "if you want something done right, you do it yourself."

If we don't start taking some responsibility ourselves when it comes to our privacy there are no good outcomes. We don't want or need lawmakers who are older than the transistor itself trying to decide what's best for us, we don't want any one company (like Google) acting as a gateway for all of our personal information. And we don't want to keep seeing things like Facebook screwing us over (and over) until we have nothing left that it wants. We can do this. You can do this.

And you don't have to do it alone.

Jerry Hildenbrand
Jerry Hildenbrand

Jerry is an amateur woodworker and struggling shade tree mechanic. There's nothing he can't take apart, but many things he can't reassemble. You'll find him writing and speaking his loud opinion on Android Central and occasionally on Twitter.

45 Comments
  • I would like you guys to invite Rene to the next Android Central podcast and discuss this in general. His solution is Android (especially Google) is evil and everyone switch to iPhone 😁 At this point, it feels some bloggers are just using this as a marketing ploy in pushing their own bias instead of actually caring about people's privacy and what they should do.
  • I kinda agree. It's suddenly all out war on Facebook, and while some of it is deserved, it also feels like people are piling on while ignoring the possibilities of other potential dangers that just haven't been exposed yet.
  • +1
  • yes, we should totally be discussing all the unidentified issues rather than reported ones. (!?) sure, there's other issues, but you can't do anything about them until they are discovered! pushing for fixes on identified problems might help fix things beyond what is identified. one can hope anyway.
  • I also agree. Ever since I got on Facebook several years ago I always check on privacy settings about once a month. I also check Twitter often. Plus I only put a limited about of information in my bio. I have friends that list everything from personal email address, physical address, cellphone numbers & etc. After while, one of those will pop on public record county sites & bingo!!! Also, if people list their physical addresses then post they are going vacation, don't be too surprise when you come back to house with stuff missing. Even the most secure sites have been hacked in the last few years. I think certain people would just love to make Facebook suffer a little since it is the biggest social media site. The boycott is ridiculous & pointless because all social sites track something, & that's why their labeled "Social Media"
  • Rene is what the British call cigarettes.
  • Well it’s a fact that iPhone didn’t give permission to most apps to access your phone logs and that they always had a granular permission system! That’s just a fact
  • Hey folks, Googles business model is also ALL ABOUT YOUR DATA. Yes, I do think Google has taken this more seriously, however... I think it's nuts that I can no longer user my Samsung account on my Galaxy S8 Oreo unless I agree to share my contacts with Samsung! I also think it's nuts that I can't say "OK Google" on my Android phone to call my mother on my phone without agreeing to let Google monitor (and store) my every move! This whole data thing is hardly a Facebook only problem. It's with all ISPs, Mobile Carriers, Google, Microsoft, Credit Agencies, etc. Want to know why BIG DATA has gotten away with just about everything??? Could it be because Google, Facebook, Twitter, and Uber for starters are all based in the SF Bay Area? It's been crickets out of prominent Bay Area Congress folks in regards to Fake News and Big Data. But they yell "Russian's" at every opportunity!
  • Perhaps because the Trump administration is suddenly suffering from Russian amnesia?
  • I voted for H. I like tech and use it everyday. I am also a free market guy. I am just tired of the CA tech industry leaders saying all the right things to placate the politically correct audience, while driving up home prices so that every day folks can't afford them, begging cities for tax breaks for office complexes/server farms/warehouses, hiding profits offshore, building products with all kinds of minerals that were mined in ways they can't be mined in America, successfully blocking regulation and taxation of the internet, thus getting a free pass while the same particular party focuses on so called "robber barrons" of Wall Street and Big Oil the former of which financed the tech firms and the latter which fuels their private aircraft, yachts, and heats/cools their luxurious mansions all over the world. Meanwhile, Facebook is under assault for providing data to an organization that promoted a Conservative candidate while no one batted an eye when they made their data available for a liberal leading candidates in past elections. Yet STILL no CA politician has said much about Facebook and the national media still hasn't said anything about Google's data horde! Nor are any of the CA politicos on Google, Facebook, or Twitters case about being the PLATFORM for nefarious content that could have just as easily been created by someone sitting in an AL basement wearing underwear that was instead hatched out of a Russian and/or Ukranian troll farm! Hey, I'm not crazy about how tech is in some respects being misused for political gain, but come on folks apply the same standards to the PLATFORMS as well as the creators.
  • Yet you still voted for the very party who made it possible
  • You certainly won't find any anti-google articles on android central, I am not sure if they are afraid google will cut them off from the inside info, or they just protect the hive at all costs.
  • You mean Congress is since they can't seem to find anything
  • Question if you have one of those phones that let you lock down your contacts can Samsung still read them?
  • Just uninstall the FB app and use Chrome ... Better battery, less system resources used and no bloody annoying notifications.. Also if you make yourself have to log in each time, you will use FB less as it takes that little 5 secs longer to log on.... Wins all round AND FB gets to scrape less data on you. Just saying.
  • Some how I figured out what notifications can come through.
  • I just received an email verifying deltetion my account.
  • Facebook is greedy for doing what they did and deserve the crap they are getting at the moment.... but i think the guiltiest company of them all, Google, is not getting the scrutiny it should be getting by the press. Their whole company literally is made to suck in as much of your data as possible, then use it to profit, which is why most of their products are "free" of charge. I think if we were surprised about how much data FB had on us, i think Google's data would eclipse what FB ever had on us. This is the reason i try to avoid using Google products as much as possible....but not using an Android phone is not an option for me as the Iphone ecosystem is not for me.
  • The difference is that Google has never denied that they use user-data for profit, heck they outright admit it. However Google has gone out of their way to protect that user data, and has demonstrated time and time again that they're good at protecting it. They don't sell the data itself. They instead sell a service that delivers a product based on that protected data. And as well offers solutions for the user to delete that data. Big difference.  
  • Yes....but who controls Google? Google is big enough that it's hard not to use any of their products if you spend at least some time online. Obama's administration outright admitted sucking up all FB data and FB COO was already caught helping Hillary behind closed doors and this was even before all this privacy violation stuff came to light. Who is to say Google has not done or will not do the same with whatever political candidate they support? Maybe current ceo has good morals but who's to say future ceo will or maybe just a regular employee going rogue? I really think we need some online privacy laws on the books. Google should let users know exactly what Google collects. I do not believe for a second the privacy options they offer cover everything they collect of you. Literally let users see what Google themselves see of your data. Then let you opt out or opt in to whatever you personally feel comfortable Google knowing. FB was scraping call logs without users knowing....I don't think i'm being unfair to think that Google is collecting more data than they let you know.
  • "Google should let users know exactly what Google collects. I do not believe for a second the privacy options they offer cover everything they collect of you. Literally let users see what Google themselves see of your data. Then let you opt out or opt in to whatever you personally feel comfortable Google knowing." Google already does this. Every ounce of information is located under "My Activity" on your account.
  • "Google has gone out of their way to protect that user data" You really believe this? You sure that they don't allow apps into the play store that have adware/malware in them, over and over (never reported on androidcentral of course) So if those apps can steal your user data, what other apps may be stealing your user data or collecting your contact that you don't know about and google has never really tested the apps to be sure they aren't grabbing your data.
  • Plus 1000! It's only a matter of time until some politicians browsing history and/or search history is leaked on line! Every other BIG BUSINESS in America has 100 times or more greater regulation than BIG DATA! Murdoch said it best when Trump said, "the tech guys need my help." Murdoch essentially told Trump, "Tech guys ran the Obama administration." Then hung up and called Trump a Moron! Don't forget Google fixed the Obamacare exchanges after that billion dollar boondoggle. Obama, Pelosi, Feinstein, etc. paid Google back BIG TIME!
  • I don't think you understand the concept of greed....
  • I stopped using FB years and years ago. Not because I am cool, but because it's obnoxious and creepy. Some folks need that messenger though. 🤔
  • I did too, mostly because I don't use it, and secondly it just sucked the battery.
    Messenger I keep, for some reason.. I suspect messenger alone is just as bad, as they have my entire page to data mine when I'm not online.
  • It's Facebook today. It's somebody else tomorrow. The whole social-media and free/freemium model of delivering services if severely flawed and in need of overhaul. The problem is that convenience, especially free convenience, trumps all else for everyone but a very, very select minority. Industries are learning how to exploit this desire for free and convenient and are taking advantage of it at every step. Consumers should absolutely be put on the spot for not being responsible; however, it is a bit daft to expect the masses to take up the chief responsibility for policing the entire industry by managing upwards. The sheer number and complexity of all of these services would leave one needing a near full-time job and a degree in legal just to weed through the language of the convoluted agreements put forward with each service. The fact is that today in most cases you cannot even use the software at all unless you agree to some EULA that is asking for excess access to your personal information. This then results in forced conformity. Anyway, this is the news today. In a few weeks everyone will forget about it and continue to just give their lives over for free for every single service there is...big data, etc.
  • How about this solution: Give the people a choice. If the folk want privacy then they should have complete privacy (no tracking or sucking up info) and pay a fee for the program usage. If the folk want a free program or usage then they have to give up their privacy. I think it is very simple but the companies will not offer us the choice because they do not believe (in most cases) that what they are offering is worth someone paying them for it.
  • Or conversely, they believe that your data is in the long-run a much more profitable asset to hold and therefore priority should be to collect as much of this data as possible vs. collecting some measly profit for services, now. They're not doing any of the things that they are doing out of the goodness of their hearts or some other altruistic measure. There is no free lunch.
  • There's cameras everywhere in the world now. People need to get used to the idea that someone always knows where your are and what your are doing. Also your carrier knows who you call and text. Also if you use public wifi your activity is likely logged.
  • The transparent society...read it. You're welcome.
  • If you're not paying for it...then you are the product. Welcome to the world of wanting everything for free when you find out it's not really free. Now if I'm paying and you sell my info I'd have a problem with that. I read somewhere that facebook only makes about $30 a year per subscriber, so if they wanted to they could just offer a pay service and keep your info private...that wont happen.
  • Hey Jerry this is a bogus idea.
    Reading all the data included with a "normal" install would take over a year including acquiring the knowledge to get something out of it. And most wouldn't understand what their reading anyway.
    Get real.
    Trust is what was given and it shouldn't have been. That's the truth.
  • I think people generally trust the bigger companies [and therefore don't feel the need to read the permissions thoroughly] because those companies have a lot to lose if they mishandle your information or take advantage of your trust. Facebook took advantage of that trust and now they're suffering the consequences.
  • Imagine androidcentral will protect the google hive at all costs, never say anything bad about google and android and the security issues, but I have never seen this site EVER call out the issues with google and android.
  • What issues are you referring to?
  • An interesting take on constant surveillance on a parallel Earth - Neanderthals by Robert J Sawyer. Book one of a trilogy about an Earth where humans died out and Neanderthals developed. A thoroughly good read if you like that sort of thing.
  • Well said, Jerry. Years ago, I worked at a smallish broadband and dial-up ISP -- and it constantly amazed me how many people had NO CLUE what they agreed to when they agreed to our ToS and AuP (Terms of Service and Acceptable Use Policy). I recall being screamed at many times about how I had no right to suspend their service for a violation of a policy they'd never read. I used to gladly point them to the relevant section of the policy, and enjoyed the dead silence once they realized they had nothing. Always read the fine print. Seriously. And don't be shocked when not reading it bites you. I never trusted Faceplant. Ever. My current account is nothing but fake info and uses an old email address of mine that pretty much no one has and is literally linked to nothing else (my first gmail account, back during the beta days). As such, Faceplant has connected me to some random person I was nice enough to hand a Gmail invite to way back then, because they are constantly pushing his entire friend network on me. ALL THE TIME. The only reason I even have the account is to move mobile game saves to new phones (another peeve of mine is that this is still one of the only ways to copy some game data from device to device).
  • comment was deleted by user
  • I sincerely appreciate you guys educating the public on their responsibility to safeguard their data. I come here almost daily to read the articles and learn of the weekly events. It is much appreciated. This has to be a repeatable event. I've seen people who - live - to take advantage of niave people. That's how they make their living. And those types of people \ applications will never stop. Period. There is too much money involved. That's why as a past hobbyist programmer, I fully support frequent security updates and OS updates. The Android community as a whole - accepted and preferred the cost free - advertisement type - of applications compared to the pay for apps style similar to Apple... Be careful what you wish for -
  • I believe the facebook is beyond the tipping point of being able to effectively police themselves. Data mining issues aside, facebook has also spawned a laundry list of other things that should be a concern to others. -Criminal sub groups that have presence through closed groups and or operate in code to evade the law.
    -The lack of accountability by facebook for allowing minors to register.
    -Uncivil discourse.
    -The dilution of credible news gathering services around the world.
    -The dilution of cultures.
    -The loss of independent and critical thinking.
    -The creation of Slacktivism. Zuckerberg is on the record for stating that his goal is to connect the world but I think there are far better ways to stay in touch with friends and family.
  • I agree very much with you, but good luck getting through to many people. I'm looking at my app drawer right now and do you know how many apps I have on my phone? (I have a Pixel 2 XL) 36. And that is including Settings, Phone, Chrome, Maps, Camera, Calendar, Calculator, Clock, Downloads, and Contacts. So I've downloaded all of like 20 apps to my phone. These people who have pages and pages and pages and pages and pages of apps....I just don't get it. And they're the people who wonder why their phones slow down quick, why their personal data is everywhere, why they receive loads and loads of spam mail, etc. You do not NEED a freaking app for every single aspect of your life. Good lord.
  • I have never used Facebook (or other such) . However I have many friends that do and they call me or I call them. So that means that I am in Facebook's data bank. BTW this forum, I would guess has such a file on us as well. The day is long gone when you can live with my head in the sand. Any information you get from the net or any media should not be taken as absolute fact. I am sure you know that the closer you are to a traffic accedent the LESS likely you are to recognize a story about it on TV or in the paper.
  • This is actually great turn of events. Unitl now, most people were unaware of the absolute intrusion and what's done with their private data. It shines the light not just on FB crime, but of all other big players. Hopefully, we'll see more and more people backing and supporting other OS platforms as well - Open Source Projects. Android and iOS have got to go or radically change their business models. Android is definitely worse. All those truly concerned about privacy, either close social network accounts or stop having intimate conversations through their services, watch what's being shared and with whom.
    Same with Gmail. Pay for protonmail or any other service where they don't look at your data nor save or share with anyone.
    Also, if one needs to use FB, Instagram , etc , it's better to use it through the browser and VPN on - uninstall all of their Apps. Jerry,
    I'm curious if you pre ordered the
    Librem 5 phone. Kinda checks a few important boxes for you -
    Privacy and Size factor. :)
    I really hope they make it function proper for daily use. https://puri.sm/shop/librem-5/ Another Question for Jerry and others in the know-
    I de-activated my FB 5 years ago, how do I make sure that nothing is stored there? I know that they allow you to re-activate it at any point with convenience of retrieving all data, but was hoping that after certain period of time they automatically delete all the files.
  • Ah, the good old days when it was only grocery stores that wanted your buying habit info by offering loyalty programs like Airmiles. I allow Google to target a few things. It is a courtesy data giveback because I do appreciate free: Google maps, Docs, Sheets, Gmail, Chrome... I'm even thankful for my Google Play music subscription I pay for. The Canadian government, through CSIS (intelligence agency like the CIA) has had a standing court order to access any mobile or internet content long before the Snowden leaks. We know America records every phone call to the Middle East... etc, etc... In fact, I might google how much slower the internet is because governments are online collecting data. China has aggressively introduced facial recognition everywhere in society through public cameras... And I consider facial recognition to unlock phones a baby step to get the western world comfortably numb to the technology. British facial recognition for passports is a great thing... But you can be tracked everywhere in London by the technology. I suspect Facebook privacy controls are intentionally complicated. It is a submenu mess of a system. There are lots of people who have zero critical thinking skills. They aren't stupid... They just don't care and chose ignorance. Others are intimidated by technology, and just getting online and basic use of a smartphone is challenging. They are the ones who leave their Facebook friends lists public, all their posts public, etc. I'm notorious for commenting on Facebook, then every month or so delete everything I wrote... It need not be permanent. The easiest way to do so is through your Facebook activity log. In fact, an activity log for Android Central would be a nice feature... Or maybe just a nuclear button that allows you to delete every article comment you make... Practice what you preach AC?