The non-scary version of Facebook Messengers “Terms of Service”

Hi there – this is totally not what my blog is normally used for, but I got irritated after reading another article and, despite my better judgement, had to write a quick response. There’s been plenty of random junk going through Facebook over the years so I’m not quite sure why this one bothered me more than others, but it did. So if you haven’t yet, feel free to read the article in question, I’l wait.

Great, now let’s talk about a few things.

First… to clear something up…

  • What the author mentions there, are not Facebook Messengers “Terms of Service”. If you would like to review Facebook’s Terms of Service, and by all means you should, you can review that right here. If you’d like to see what exactly Facebook can do with your data, you can review their Data Use Policy right here.
  • What the author listed there are a list of permissions that each app, when it’s developed, must request in order to function, specifically on the Android system. We’re going to talk about that a bit.

I was fully prepared, when seeing this articles tagline, to see some sneaky little thing that Facebook did to change up their Privacy policy for only their Messenger app, or some special “TOS” that they created just for it… but instead I was assaulted by scare tactics and fear mongering, tossing out technical information randomly with absolutely no useful explanation what so ever. Why?

I’m absolutely amazed that this has picked up so much steam, and so many news outlets, some rather larges ones too, are spreading this around with next to no technical explanations. I get it, let’s pile on Facebook, it’s an easy target… but can we just pretend that there are some people actually interested in reality vs selling ads on your website drawing people in to read a bunch of crap?

OK so let’s chat about the permissions. I’m not going to pretend to know everything about every permission mentioned here, but I’ll try to see if I can help explain why Facebook Messenger might want it.

Also if you want to really familiarize yourself with Android Permissions, try this article. I’ll quote the permissions from our original article

  • Allows the app to change the state of network connectivity
    • So really what this is more commonly used for is to check the state of network connectivity. It’s one of those permissions that most all apps that require network connectivity have. This lets Facebook see if you’re connected to the internet (shock), and lets it see if you’re on Wifi or using your cellular network (horror.
  • Allows the app to call phone numbers without your intervention. This may result in unexpected charges or calls. Malicious apps may cost you money by making calls without your confirmation.
    • What irritating language. This lets Facebook place a call without you going through the dialer. So if someone types out a phone number in a message and you click it, Facebook will then place the call for you. Does the tic tac toe game you downloaded last week need this permission? Nope. But something that references phone numbers, sure.
  • Allows the app to send SMS messages. This may result in unexpected charges. Malicious apps may cost you money by sending messages without your confirmation.
    • Facebook Messenger at one point, not sure if they still do, wanted to be the be all and end all, similar to Hangouts in Android, for your messaging needs. So basically they’d let you read all your SMS messages through Messenger. That would be the reason for the SMS needs if I had to guess, again not much of a concern – it’s an option, you can enable it, or not.
  • Allows the app to record audio with microphone. This permission allows the app to record audio at any time without your confirmation.
    • Once again, this sounds scary. It’s not. Facebook Messenger lets you record audio and send it to other people who have Facebook or Facebook Messenger. I think you press a little button when you’re sending someone a message and it records you, then sends it off. Facebook needs permission to access the microphone, and it’s not going to popup a little message every time you click on that Microphone button saying “WAIT ARE YOU SURE YOU WANT FACEBOOK TO USE TO MICROPHONE!!?!?!?!?!?!?!”.
  • Allows the app to take pictures and videos with the camera. This permission allows the app to use the camera at any time without your confirmation.
    • Same thing as the voice recording – Facebook Messenger has a little button that lets you take a picture and send it along with your conversation. It’s not taking pictures of you while you sleep – it uses it when you press the little button to take pictures.
  • Allows the app to read you phone’s call log, including data about incoming and outgoing calls. This permission allows apps to save your call log data, and malicious apps may share call log data without your knowledge.
    • This is used mostly to let apps add things to the call/sms log. Again this would be useful for Facebook to manage your SMS messages for you. Deep breath.
  • Allows the app to read data about your contacts stored on your phone, including the frequency with which you’ve called, emailed, or communicated in other ways with specific individuals.
    • Facebook, Facebook Messenger, LinkedIn, and who knows how many apps all love to get a look at your contacts. This has been going on forever, they look at your contacts, tell you if any of your contacts are on x service, prompt you to invite them to join, etc, etc. Nothing new.
  • Allows the app to read personal profile information stored on your device, such as your name and contact information. This means the app can identify you and may send your profile information to others.
    • Lets Facebook Messenger get the identity information off your profile. Multiple people can use an android tablet, multiple people can use this app with different profiles for each.
  • Allows the app to access the phone features of the device. This permission allows the app to determine the phone number and device IDs, whether a call is active, and the remote number connected by a call.
    • See above with regards to the phone stuff. Just a standard permission.
  • Allows the app to get a list of accounts known by the phone. This may include any accounts created by applications you have installed.
    • Same thing – what accounts are on the phone. This is one of those permissions that most apps have.

Listen, I think it’s fantastic that people are interested in the security of their phone and learning a little more about the privacy settings that are offered, but calm down. Actually learn a bit about this stuff before you dive in.

The fact that Android has made this information public and required by each developer is great, and it is very useful when downloading random applications – if you’re downloading a crappy little game that suddenly wants access to your phone, text messages, emails, etc then you might wonder why, and deny that access – that would be a malicious application, which is what this is designed for.

Not this.

If you’re not interested in granting any of these permissions to apps on your phone, may I suggest you look into the purchase of a nice Nokia 3310… not much chance of Facebook accessing your camera from there.

Otherwise, don’t jump every time the media decides to scare you with the evils of technology. There are absolutely abuses of the power that we grant some of these companies, and they will absolutely push the boundaries, but app permissions aren’t where you should be looking. Dive into those Privacy Policies, ACTUAL Terms of Service and all that fun legal stuff if you’re really interested – there’s where the scary stuff lies.