A report from the London Sunday Times (paywall) claims that the Facebook mobile app for Android and iOS is accessing personal text messages residing on smartphones. The social website reportedly isn't denying its actions, saying that the data collection is part of a trial to launch its own messaging service. Even more, when the service actually goes live, users will be prompted to give permission.
"The permission is clearly disclosed on the app page in the Android marketplace and is in anticipation of new features that enable users to integrate Facebook features with their texts," a spokesman for Facebook said in a statement. "However, other than some very limited testing, we haven't launched anything yet so we're not using the permission."
The overall theme of the article reveals that companies like Facebook and Yahoo are accessing personal information -- including text messages and contact lists -- and intercepting phone calls without the user's knowledge. YouTube can reportedly remotely access and operate the users' smartphone camera to take pictures or videos at any given time. Even more, merely downloading basic apps can leave consumers vulnerable to a plethora of spam and invasive advertising.
But this is mostly nothing new. The problem, according to the paper, is that these features are clearly labeled in the terms and conditions -- something 70-percent of smartphone and tablet users rarely or don't even read because they're overly complicated and lengthy. Most of us generally give the app the green light when its flashes a list of permissions before installing without even reading what it will actually access.
As for Facebook's app, the permissions clearly state that it will read SMS or MMS messages, saying that permission "allows application to read SMS messages stored on your device or SIM card. Malicious applications may read your confidential messages." The app will also write to SMS messages stored on the device or SIM card, and receive and process SMS messages. Other permissions include reading contact data, writing contact data, determine the phone number and serial number of the phone, access the GPS and more.
Despite the listed permissions, Facebook told ZDNet that the Sunday Times paper was wrong, that there's no actual reading of user text messages. "Facebook said that lots of communications apps use these permissions, and the application technically has the capability to integrate with the phone’s SMS system, but added that it is for testing purposes," the report states.
According to a list of app permissions, Flickr has access to location data, text messages, contacts, who the user is calling, and the camera. Both Angry Birds and Shazam have access to location data and who the user is calling, whereas Netflix only keeps tabs on the user's internet history.
Out of fourteen listed apps, Netflix and Ancestry are the only two that don't keep tabs on who the user is calling, and only four don't collect location data. Four apps have direct access to the camera including dating site Badoo, Ancestry and My Fitness Pal. My Remote Lock will actually intercept a phone call.