Claim: Use of the Facebook Messenger app requires user acceptance of many privacy-violating conditions.
Example: [Collected via e-mail, August 2014]
There are many articles circulating about all the privacy incursions of Facebooks new messenger app but I don’t think they could all
Origins: In mid-2014 Facebook rolled out the Facebook Messenger app, a standalone version of that social network’s instant chat feature which users accessed separately on their mobile devices (i.e., without launching the full Facebook app). That rollout prompted renewed interest in a December 2013 article by Sam Fiorella (circulated widely in August 2014) warned potential Facebook Messenger users that the app’s Terms of Service (TOS) “requires the acceptance of an alarming amount of personal data and direct control over your mobile device”:
Facebook’s Messenger App, which boasts over 1,000,000,000 downloads, requires the acceptance of an alarming amount of personal data and, even more startling, direct control over your mobile device. I’m willing to bet that few, if any, of those who downloaded this app read the full Terms of Service before accepting them and downloading the app.
If you’re one of those 1,000,000,000 people who have downloaded this app, take a moment to read the following. I’ve posted, word for word, a few of the most aggressive app permission you’ve accepted.
As others such as the Washington Post noted, however, many of these permission requests are neither uncommon nor unreasonable and aren’t really much different or more onerous than the permissions required by the main Facebook app itself:
In Facebook’s defense, there are plenty of legitimate reasons for requesting these permissions. Messenger needs access to your camera, for instance, so that you can send pictures, and few people would want to confirm microphone access every time they use the app to place a call.
These kinds of sweeping permissions are also extremely common — probably to a degree you don’t realize. Even the most vanilla apps collect extraordinary amounts of personal data: WeatherBug requests permission to view your
As with Messenger, the Kardashian game may have a valid reason to know when you get phone calls. (For instance, to save your spot before a call interrupts gameplay.)
Yes, [the permission requests are potentially “insidious,” but so are WhatsApp, Viber, MessageMe and virtually every other popular messaging app, all of which request comparably creepy permissions. On my insidiousness scale, at least, that ignorance of the devices and programs we use every day probably ranks higher than one overreaching app.
According to Facebook themselves, “the concerns about its Messenger app are overblown and based on misinformation,” as the Wall Street Journal reported:
Much of the problem, Facebook says, is due to Android’s rigid policy on permissions. Facebook says it doesn’t get to write its own, and instead must use generic language provided to them by Android. The language in the permissions “doesn’t necessarily reflect the way the Messenger app and other apps use them,” Facebook wrote in a Help Center article designed to address what it calls misinformation on the topic.
Facebook also says the quotes in the [Sam Fiorella] article are outdated.
Facebook says it has more control over the permissions language it uses in Apple iOS operating system, which handles the process differently.
Android users must agree to all permissions at once, before using the app, for every feature an app might use. On iPhones, users agree to the permissions when they come up during the normal use of the app. For instance, if an iPhone user never makes a voice call with Facebook Messenger, the app might never ask for permission to use the phone’s microphone.
While Android app users must agree to all permissions before using the app, iPhone users can decline to give permission to the app for some features, like access to the address book and microphone, but still use the app to send messages. Due to this, the iPhone version of the app is superior for particularly privacy-conscious users.
Regardless of the permissions, both the Android and the iOS Messenger apps are subject to the data use policies and terms that govern all Facebook users and every app within the Facebook family.
The bottom line is that, while some users might think it’s a drag to download a separate app for a feature that was once included in a single app, they’re not actually giving up a significant amount of additional privacy in the process.
The brouhaha over Facebook Messenger’s Terms of Service does highlight a couple of important issues with the apps many of us use these days. One is that “free” products are not truly free — someone has to pay for their development, deployment, and maintenance, and that funding is commonly accomplished these days by serving up ads to users. But advertisers want to be able target and personalize their ads to specific groups of viewers,
and that targeting requires knowledge of information about users such as their geographic locations, age, browsing habits, and the like. Providing this information is the trade-off we engage in as “payment” for the acquisition and use of free apps.
Another issue is that nearly all of us blindly accept the Terms of Service presented to us when we buy or download software without reading them, and that the TOS are becoming so increasingly lengthy that most of us simply couldn’t read, understand, and process them if we wanted to. A 2008
study found (as summarized by techdirt) that it would take the average person about a month of working time out of each year to just “read all the privacy policies you encounter on a daily basis” (exclusive of Terms of Service):
[A] report notes that if you actually bothered to read all the privacy policies you encounter on a daily basis, it would take you
They put all of this together and estimated that it would normally take a person about
And, here’s the thing: that’s only for privacy policies. Imagine if you read terms of service and end user license agreements
Whether Facebook Messenger’s TOS are truly “insidious” or not, Sam Fiorella warned that if users are willing to accept TOS as lengthy and involved as Facebook Messenger’s without reading them, app developers might be “emboldened” to include even more potentially invasive conditions in future TOS:
If this many people have not read the Messenger Terms of Service (or have read it and don’t care), how emboldened will mobile developers be in the future? I understand the nature of “free” mobile apps. I’m prepared to give up some personal data for the right to access a game, content, or social network for free and to have an improved advertising experience while enjoying that free service. However, Facebook has pushed this too far. It’s time we stood up and said “no!”
As exemplified by this comment and answer exchange between Sam Fiorella and a reader, all of this concern highlights a common modern dilemma: In order for apps to do what they need to do efficiently, they need to be granted a variety of accesses and permissions by users. Do we accept that such access will not be used for malicious purposes (by either the developers or unauthorized third parties), or do we give up ease of use in exchange for more cumbersome protections?
Oh for crying out loud…
[Facebook Messenger] needs permission to record audio & video so that you can send an audio or video message. It can’t do it without you asking it to.
It can make calls if you ask it to because it links your facebook and local contacts lists.
It absolutely CANNOT do these things without YOU initiating them! It needs the permission in advance so that when you ask it to do these things, they WORK.
Thanks for the comment. I would agree that it’s not Facebook Messenger’s intention to record audio or take a photo without being initiated (e.g., taking/adding a pic to a text msg) but once you give permission for the app to do so automatically, what’s to stop a hacker or other app from doing so? We have too much blind faith … that’s the point I’m trying to make.
Last updated: 8 August 2014
Albergotti, Reed. “Facebook Messenger Privacy Fears? Here’s What You Need to Know.” The Wall Street Journal. 8 August 2014. Dewey, Caitlin. “Yes, the Facebook Messenger App Requests Creepy, Invasive Permissions.” The Washington Post. 5 August 2014. Fiorella, Sam. “The Insidiousness of Facebook Messenger’s Mobile App Terms of Service.” The Huffington Post. 1 December 2013. techdirt. “To Read All of the Privacy Policies You Encounter …” 20 April 2012.