Home > Cyber News > Be Worried: Facebook Scraped SMS and Calls Data on Android Devices

Be Worried: Facebook Scraped SMS and Calls Data on Android Devices

Facebook is once again at the center of attention, following the events from last week when the Cambridge Analytica scandal burst out. Now, it has come to the attention of several users that the Facebook’s mobile apps for Android have been recording user data beyond the imaginable and admissible data collection. How did these users become aware of this phone and SMS scraping behavior? After they downloaded an archive of their Facebook data to check what it contained – an action which was undoubtedly triggered by the Cambridge Analytica’s wrongdoings.

Related Story: 50 Million Facebook Profiles Exploited for Trump’s Election Campaign

Facebook’s Mobile Apps for Android Logging SMS and Calls: What’s Happening?

Just last week it came to our knowledge that the data analytics firm, Cambridge Analytica, that had professional relations with Donald Trump’s election team harvested millions of US voters’ Facebook profiles. What is more, the firm was headed at that time by Trump’s key adviser Steve Bannon. Now, it turns out that the social network is abusing some of its users’ privacy to an unimaginable level, of course, without their actual knowledge.

The type of information that some users noticed being collected by the mobile apps of Facebook includes data on all phone calls made on the particular device, the start time and duration of every call, and the contact’s name.
Interestingly, the app didn’t log calls from numbers outside the user’s address book. In addition to the call information, the Facebook mobile app was “caught” logging information on all SMS messages (both sent and received). However, the actual text within these messages was not collected.

Here’s what some of affected users shared on Twitter regarding their unexpected findings:

@mat_johnson user on March 23, 2018: Oh wow my deleted Facebook Zip file contains info on every single phone cellphone call and text I made for about a year- cool totally not creepy.
@mat_johnson user on March 23, 2018: Download your Facebook account .zip off their site, unzip it, then go to the HTML folder, open the contact_info.htm file. See records of who you’ve talked to on your cell—not with the app, just on your regular cellphone—and for how long. https://t.co/l9BDEJu3Hx

@dylanmckaynz user on March 21, 2018: Downloaded my facebook data as a ZIP file. Somehow it has my entire call history with my partner’s mum pic.twitter.com/CIRUguf4vD

What is mostly alarming here is that this whole Facebook user privacy scandal was made public in January 2017 when Zimperium Android security specialist Simone Margaritelli published a detailed article on Medium. The article is in Italian, and here’s what it said (translated from Italian via Google Translate):

Yesterday evening, surfing the net I do not remember where, I stumbled upon this article titled, translating, “Bring your loved ones out of Facebook”. Despite my interest in privacy issues, I have always been, at least up to now, one of those who deluded themselves that they have control over many of their information, one of those who accepts the various terms of service without reading, one of those that when others, a year ago, shouted to the scandal for the new privacy rules of Facebook and WhatsApp, he thought “ok, but we know what happens, it is we who upload the information and decide what to load and what not […].

I state an important thing, I have no idea what combination of privacy settings, applications installed on my smartphone and synchronization processes have made this possible, still mea culpa, I have not read all the various TOS, the required permissions, the clauses in light gray on white. But the fact is that what I’m about to show you, how much I found in the backup of my data, should not be in their [Facebook’s] possession, it is simply wrong and, as a developer and researcher, I see no technical reason why they should collect certain information, independently from what I have more or less indirectly accepted (so much so that there has been and perhaps still is a lawsuit in Europe against Facebook … it seems that here it is illegal to even propose certain conditions to people)

How Can I Permanently Delete My Facebook Account?

In the wake of recent scandalous events surrounding the Facebook – Cambridge Analytica discoveries, and now this Inexplicable collection of SMS and calls data, it is no wonder that many users are choosing to deactivate or delete their accounts. This is how to do it.

1.Back up your Facebook data

The first step you may want to take is back up all your Facebook data and download it your computer. How is this possible? Open the Facebook menu by clicking on the arrow in upper right corner in the Facebook navigation. Then select Settings and go to General Account Settings and select the “Download a copy of your Facebook data” option as shown below:

2.Use the Social Book Post Manager

Use the Social Book Post Manager browser extension which allows you to “batch delete posts in Fackbook (TM) timeline. Other batch processing: privacy / hide / unhide / unlike items.”

Why is this step needed? You may want to manually clear your posts on Facebook because the deletion of an account could take up to 90 days!

3.Actually delete your Facebook account. For good.

To do this, simply open the Delete Facebook Account page. This is where Facebook lets you know that they “can take care of this for you”. Remember that once your account is deleted you will not be able to reactivate it:

If you do not think you will use Facebook again and would like your account deleted, we can take care of this for you. Keep in mind that you will not be able to reactivate your account or retrieve any of the content or information you have added.

Related Story: Android Users, How Much Do You Know about Ultrasonic Tracking?

Why Is Facebook Logging Call and SMS Data?

It should be noted that the social network doesn’t do this by default. This is only done when the user has enabled the Facebook app to tap into their contact list to find new Facebook friends via the phone numbers kept in the phone’s address book.

Nonetheless, it remains unclear as to why Facebook was logging SMS and call data in the first place.

Facebook responded to reports and inquiries that it collected phone and SMS data without users’ knowledge in a “fact check” blog post published on March 25, 2018:

Call and text history logging is part of an opt-in feature for people using Messenger or Facebook Lite on Android. This helps you find and stay connected with the people you care about, and provide you with a better experience across Facebook. People have to expressly agree to use this feature. If, at any time, they no longer wish to use this feature they can turn it off in settings, or here for Facebook Lite users, and all previously shared call and text history shared via that app is deleted. While we receive certain permissions from Android, uploading this information has always been opt-in only.

After learning all of this information, are you planning on deleting your Facebook account for good? Let us know in the comments below!

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum since the project started. A professional with 10+ years of experience in creating engaging content. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles! Follow Milena @Milenyim

More Posts

Follow Me:

Leave a Comment

Your email address will not be published. Required fields are marked *

This website uses cookies to improve user experience. By using our website you consent to all cookies in accordance with our Privacy Policy.
I Agree