There are lot of so called caller identification apps that will put a name for an unknown number calling your cellphone. But the ugly truth behind this is usually overlooked. People just don't understand that just by installing these stealthy apps, they are breaching privacy of others and also putting themselves and others in risk. Let me explain few of the possible scenarios and a possible solution for handling apps like this.
1. Person A gives his number to Person B so that they can stay in touch (may be for business or personal needs). Person C asks Person B for Person A's mobile number.
In usual case, Person B will politely refuse to share Person A's number. In some cases Person B will call Person A to get his consent to give his number to Person C.
But in TrueCaller's case, the entire contact list of Person B is uploaded to TrueCaller's server WITHOUT getting the consent of anyone in the list.
2. Person A stores some sensitive information like credit card numbers and PIN numbers as contacts. (It is stupid, but people always do that right?)
In usual case, Person A puts his credit card at risk in case someone snatches his phone or hacks in to his phone.
But with TrueCaller, the numbers are uploaded to the third-party server by default. They may claim that their system will filter out numbers that are not phone numbers. But who is going to audit it?
3. Person A stores his brother's/girlfriend's/son's/mom's number with their pet-name.
In usual case, this can be seen only by few (if they are staring in to Person A's phone when their dear one is calling.
With TrueCaller, the contact is uploaded and anyone who receives a call from the number may get the pet/nick name of the person. Similarly, some people store relationships like "Person A's Mom", "Person B's Wife" etc in their phone. With whose consent these sensitive information are shared with anyone on the Internet?
4. A womanizer or a scammer can browse the TrueCaller database with random numbers and get the names. Sometimes information like the company they work for or the college they study are also included with the contact name. With this, they can call the person and start a conversation like "Hey, Rajesh, how are you? I studied MSc with you..."
Above mentioned are not the only problems you can have. There are lot more possibilities that we can never figure out! The main problem with TrueCaller and such apps are this. My (or your) mobile number, name and often, other sensitive information are uploaded to the server of a private third-party's server without my (or your) consent just because some asshole who stored your number in his contact list installed a stupid app to say him who is calling from an unknown number.
To avoid the above mentioned problems and to ensure that everyone's privacy is respected, these apps should first get the consent of the users before they store their data in their servers and make them accessible to the public. If someone who has your contact uploads their entire contact list to these thrid-parties, they should send an SMS or make an automated voice call to get your consent before even storing your data in their servers. Unless this is done, these apps remain as a serious privacy and security threat to the public.
If you want to protect yourselves and your family and friends from these rouge apps, follow the below steps.
1. Uninstall these rouge apps if you have them installed
2. If these rouge apps come pre-installed with your phone, then disable them before you start using the phone.
3. Go to their sites and unlist your numbers.
4. Tell about the dangers to your friends and family and ask them to do the above steps.
5. Give feedback to developers of these unethical apps. Give them poor rating. File complaints against them in appropriate forums.
1. Person A gives his number to Person B so that they can stay in touch (may be for business or personal needs). Person C asks Person B for Person A's mobile number.
In usual case, Person B will politely refuse to share Person A's number. In some cases Person B will call Person A to get his consent to give his number to Person C.
But in TrueCaller's case, the entire contact list of Person B is uploaded to TrueCaller's server WITHOUT getting the consent of anyone in the list.
2. Person A stores some sensitive information like credit card numbers and PIN numbers as contacts. (It is stupid, but people always do that right?)
In usual case, Person A puts his credit card at risk in case someone snatches his phone or hacks in to his phone.
But with TrueCaller, the numbers are uploaded to the third-party server by default. They may claim that their system will filter out numbers that are not phone numbers. But who is going to audit it?
3. Person A stores his brother's/girlfriend's/son's/mom's number with their pet-name.
In usual case, this can be seen only by few (if they are staring in to Person A's phone when their dear one is calling.
With TrueCaller, the contact is uploaded and anyone who receives a call from the number may get the pet/nick name of the person. Similarly, some people store relationships like "Person A's Mom", "Person B's Wife" etc in their phone. With whose consent these sensitive information are shared with anyone on the Internet?
4. A womanizer or a scammer can browse the TrueCaller database with random numbers and get the names. Sometimes information like the company they work for or the college they study are also included with the contact name. With this, they can call the person and start a conversation like "Hey, Rajesh, how are you? I studied MSc with you..."
Above mentioned are not the only problems you can have. There are lot more possibilities that we can never figure out! The main problem with TrueCaller and such apps are this. My (or your) mobile number, name and often, other sensitive information are uploaded to the server of a private third-party's server without my (or your) consent just because some asshole who stored your number in his contact list installed a stupid app to say him who is calling from an unknown number.
To avoid the above mentioned problems and to ensure that everyone's privacy is respected, these apps should first get the consent of the users before they store their data in their servers and make them accessible to the public. If someone who has your contact uploads their entire contact list to these thrid-parties, they should send an SMS or make an automated voice call to get your consent before even storing your data in their servers. Unless this is done, these apps remain as a serious privacy and security threat to the public.
If you want to protect yourselves and your family and friends from these rouge apps, follow the below steps.
1. Uninstall these rouge apps if you have them installed
2. If these rouge apps come pre-installed with your phone, then disable them before you start using the phone.
3. Go to their sites and unlist your numbers.
4. Tell about the dangers to your friends and family and ask them to do the above steps.
5. Give feedback to developers of these unethical apps. Give them poor rating. File complaints against them in appropriate forums.
No comments:
Post a Comment