Claim: Use of the Facebook Messenger app requires user acceptance of many privacy-violating conditions.
Example: [Collected via e-mail, August 2014]
Origins: In mid-2014 Facebook rolled out the Facebook Messenger app, a standalone version of that social network's instant chat feature which users accessed separately on their mobile devices (i.e., without launching the full Facebook app). That rollout prompted renewed interest in a December 2013 article by Sam Fiorella (circulated widely in August 2014) warned potential Facebook Messenger users that the app's Terms of Service (TOS) "requires the acceptance of an alarming amount of personal data and direct control over your mobile device":
If you're one of those 1,000,000,000 people who have downloaded this app, take a moment to read the following. I've posted, word for word, a few of the most aggressive app permission you've accepted.
As others such as the Washington Post noted, however, many of these permission requests are neither uncommon nor unreasonable and aren't really much different or more onerous than the permissions required by the main Facebook app itself:
These kinds of sweeping permissions are also extremely common — probably to a degree you don’t realize. Even the most vanilla apps collect extraordinary amounts of personal data: WeatherBug requests permission to view your
As with Messenger, the Kardashian game may have a valid reason to know when you get phone calls. (For instance, to save your spot before a call interrupts gameplay.)
Yes, [the permission requests are potentially "insidious," but so are WhatsApp, Viber, MessageMe and virtually every other popular messaging app, all of which request comparably creepy permissions. On my insidiousness scale, at least, that ignorance of the devices and programs we use every day probably ranks higher than one overreaching app.
According to Facebook themselves, "the concerns about its Messenger app are overblown and based on misinformation," as the Wall Street Journal reported:
Facebook also says the quotes in the [Sam Fiorella] article are outdated.
Facebook says it has more control over the permissions language it uses in Apple iOS operating system, which handles the process differently. Android users must agree to all permissions at once, before using the app, for every feature an app might use. On iPhones, users agree to the permissions when they come up during the normal use of the app. For instance, if an iPhone user never makes a voice call with Facebook Messenger, the app might never ask for permission to use the phone’s microphone.
While Android app users must agree to all permissions before using the app, iPhone users can decline to give permission to the app for some features, like access to the address book and microphone, but still use the app to send messages. Due to this, the iPhone version of the app is superior for particularly privacy-conscious users.
Regardless of the permissions, both the Android and the iOS Messenger apps are subject to the data use policies and terms that govern all Facebook users and every app within the Facebook family.
The bottom line is that, while some users might think it’s a drag to download a separate app for a feature that was once included in a single app, they’re not actually giving up a significant amount of additional privacy in the process.
The brouhaha over Facebook Messenger's Terms of Service does highlight a couple of important issues with the apps many of us use these days. One is that "free" products are not truly free — someone has to pay for their development, deployment, and maintenance, and that funding is commonly accomplished these days by serving up ads to users. But advertisers want to be able target and personalize their ads to specific groups of viewers,
Another issue is that nearly all of us blindly accept the Terms of Service presented to us when we buy or download software without reading them, and that the TOS are becoming so increasingly lengthy that most of us simply couldn't read, understand, and process them if we wanted to. A 2008 study found (as summarized by techdirt) that it would take the average person about a month of working time out of each year to just "read all the privacy policies you encounter on a daily basis" (exclusive of Terms of Service):
They put all of this together and estimated that it would normally take a person about
And, here's the thing: that's only for privacy policies. Imagine if you read terms of service and end user license agreements
Whether Facebook Messenger's TOS are truly "insidious" or not, Sam Fiorella warned that if users are willing to accept TOS as lengthy and involved as Facebook Messenger's without reading them, app developers might be "emboldened" to include even more potentially invasive conditions in future TOS:
As exemplified by this comment and answer exchange between Sam Fiorella and a reader, all of this concern highlights a common modern dilemma: In order for apps to do what they need to do efficiently, they need to be granted a variety of accesses and permissions by users. Do we accept that such access will not be used for malicious purposes (by either the developers or unauthorized third parties), or do we give up ease of use in exchange for more cumbersome protections?
[Facebook Messenger] needs permission to record audio & video so that you can send an audio or video message. It can't do it without you asking it to.
It can make calls if you ask it to because it links your facebook and local contacts lists.
It absolutely CANNOT do these things without YOU initiating them! It needs the permission in advance so that when you ask it to do these things, they WORK.
Thanks for the comment. I would agree that it's not Facebook Messenger's intention to record audio or take a photo without being initiated (e.g., taking/adding a pic to a text msg) but once you give permission for the app to do so automatically, what's to stop a hacker or other app from doing so? We have too much blind faith ... that's the point I'm trying to make.
Last updated: 8 August 2014
Albergotti, Reed. "Facebook Messenger Privacy Fears? Here’s What You Need to Know." The Wall Street Journal. 8 August 2014. Dewey, Caitlin. "Yes, the Facebook Messenger App Requests Creepy, Invasive Permissions." The Washington Post. 5 August 2014. Fiorella, Sam. "The Insidiousness of Facebook Messenger's Mobile App Terms of Service." The Huffington Post. 1 December 2013. techdirt. "To Read All of the Privacy Policies You Encounter ..." 20 April 2012.