privacy

How Much Access Does Facebook App Have?

These are the permissions Facebook app has on Android devices:

Device & app history:

Retrieve running apps

Storage:

– read the contents of your USB storage
– modify or delete the contents of your USB storage

Location:

– approximate location (network-based)
– precise location (GPS and network-based)

Phone:

– write call log
– read phone status and identity
– read call log
– directly call phone numbers

Microphone:

– record audio

Identity:

– add or remove accounts
– read your own contact card
– find accounts on the device

Wi-Fi connection information

– view Wi-Fi connections

SMS:

– read your text messages (SMS or MMS)

Calendar:

– add or modify calendar events and send email to guests without owners’ knowledge
– read calendar events plus confidential information

Contacts:

– read your contacts
– modify your contacts
– find accounts on the device

Device ID & call information:

– read phone status and identity

Photos/Media/Files:

– read the contents of your USB storage
– modify or delete the contents of your USB storage

Camera:

– take pictures and videos

Other:

download files without notification
receive data from Internet
adjust your wallpaper size
control Near Field Communication
create accounts and set passwords

toggle sync on and off
view network connections
send sticky broadcast
change your audio settings
set wallpaper

reorder running apps
modify system settings
read sync settings
install shortcuts
prevent device from sleeping
connect and disconnect from Wi-Fi

pair with Bluetooth devices
run at startup
read battery statistics
full network access
control vibration

expand/collapse status bar
access Bluetooth settings
draw over other apps
read Google service configuration
change network connectivity

Did IBM Violate Flickr Users’ Privacy?

The Verge reporting:

IBM took nearly a million photos from Flickr, used them to figure out how to train facial recognition training programs, and shared them with outside researchers. But as NBC points out, the people photographed on Flickr didn’t consent to having their photos used to develop facial recognition systems — and might easily not have, considering those systems could eventually be used to surveil and recognize them.

While the photographers may have gotten permission to take pictures of these people, some told NBC that the people who were photographed didn’t know their images had been annotated with facial recognition notes and could be used to train algorithms.

“None of the people I photographed had any idea their images were being used in this way,” one photographer told NBC.

Not cool.

Facebook, Zuckerberg Consider Auto Deleting Messages

Mark Zuckerberg via Facebook:

I believe there’s an opportunity to set a new standard for private communication platforms — where content automatically expires or is archived over time. Stories already expire after 24 hours unless you archive them, and that gives people the comfort to share more naturally.

This philosophy could be extended to all private content.
For example, messages could be deleted after a month or a year by default. This would reduce the risk of your messages resurfacing and embarrassing you later. Of course you’d have the ability to change the timeframe or turn off auto-deletion for your threads if you wanted.

And we could also provide an option for you to set individual messages to expire after a few seconds or minutes if you wanted.

Should have been done 10 years ago.

Android apps send your data to Facebook

The Verge:

Major Android mobile apps from companies including Yelp and Duolingo send data that could be used to personally identify you for ad tracking straight to Facebook immediately upon logging in, according to a new report from the London-based UK charity and watchdog group Privacy International (PI).

This data transfer happens even if a user isn’t logged into Facebook on that device and even in the event the user doesn’t have an active Facebook account at all.

Amazing.