After embarking on exactly the kind of cringe-inducing apology tour one would expect following the revelation that Cambridge Analytica plundered the data of millions of Facebook users, Mark Zuckerberg has yet another mess on his hands. Over the weekend, Android owners were displeased to discover that Facebook had been scraping their text-message and phone-call metadata, in some cases for years, an operation hidden in the fine print of a user agreement clause until Ars Technica reported. Facebook was quick to defend the practice as entirely aboveboard—small comfort to those who are beginning to realize that, because Facebook is a free service, they and their data are by necessity the products.
In its current iteration, Facebook’s Messenger application requests that those who download it give it permission to access incoming and outgoing call and text logs. But, as users discovered when prompted to download a copy of their personal data before permanently deleting their Facebook accounts, a certain amount of data was covertly siphoned without explicit permissions. Buried inside those data caches was an unsettling amount of specific, detailed information—in some cases, every phone call or text message ever sent or received on their Android device. Dylan McKay, who apparently owns an Android phone, reported that for the period between November 2016 and July 2017, his archives contained “the metadata of every cellular call I’ve ever made, including time and duration” and “metadata about every text message I’ve ever received or sent.” When people like McKay agreed to share their contacts with Facebook, it appears they didn’t know the extent to which they were giving Facebook access to their personal information.