In early January,Â Facebook updated theirÂ iPhone app to include a Contact Sync feature. In aÂ nutshell, “Facebook Contact Sync” allows you toÂ synchronise your friends’ latestÂ Facebook profile pictures with the matching contact entry in your mobile phone’s address book. Due to “Terms of Service Issues” however,Â Facebook doesÂ not sync your friends email addresses or phone numbers (listed on theirÂ Facebook profile)Â TO your phone.
Ironically, whatÂ Facebook WILL DO, with neither your knowledge or consent, is import ALL the names and phone numbers FROM your phone’s address book and upload them to your Facebook Phonebook appÂ (Click HERE to see yourÂ Facebook Phonebook) onÂ Facebook.com, thus storing your private contact numbers on Facebook‘s servers. Once your phone is synced ,Â Facebook will attempt to match the newly uploaded phone numbersÂ to users that have listed the same phone number on theirÂ Facebook profile, wether you are friends with them or not.Â IfÂ Facebook cannot make a match, it will create a new contact entry in your Facebook Phonebook using the contact details imported from your phone, and add a link to invite them to joinÂ Facebook. And guess what? There is no way to delete the names and numbersÂ Facebook imports from your phone’s address book.
Boom. You just got jacked byÂ Facebook.
So what is so worrisome aboutÂ Facebook uploading your mobile phone’s address book to their servers? Several things:
1)Â Facebook doesn’t warn users that they are uploading their phone’s adress book to Facebook. In fact, becauseÂ Facebook doesn’tÂ sync contact numbers or email addressesÂ TO your phone, most users wrongly assume thatÂ Facebook Contact Sync only syncs user pictures. In reality though, they are pumping your address book, without your consent.
2) Phone numbers are private and valuable. Most people who have entrusted you with their phone numbers assume you will keep them private and safe. If you were to ask your friends, family or co-workers if they are ok with you uploading their private phone numbers to be cross-referenced with otherÂ Facebook users, how many of them do you think would be ok with it?
3)Â Facebook doesn’tÂ exactly have a perfect track record when it comes to protecting your privacy. And whilst it’s unlikely that your data will fall into the wrong hands or be used for evil, it’s still a possibility. If you can look past that and entrustÂ Facebook with your own information, that’s fine. But can you really make that call (pun painfully intended)Â for every single person in your mobile phone’s address book? Would you like it if someone else was making that call about your own private information?
5) Whilst checking myÂ Facebook Phonebook, I noticed that there were a number of people that I did not know and was not friends with.Â Facebook had matched them to phone numbers imported from my phone. Turns out some of these unknown users hadÂ fraudulently listed the phone numbers of hotels or businesses, that I had saved on my phone, as their own. Other users simply had phone numbers that matched some of my contacts due to both them and I not including an internationalÂ diallingÂ code before the phone number in question.
Here is another scenario: Random guy, meets random girl in random club.Â Girl gives boy phone number. Boy is blasted. Boy doesn’t enter phone number correctly and confuses the last two digits. In a twist of fate, the phone number he enters is YOUR phone number (Your phone number and random girl’s phone number are the same,Â exceptÂ for the last two digits). Boy syncs phone toÂ Facebook.Â Facebook matches your newly uploaded phone number to yourÂ Facebook profile. Now random boy has your name,Â Facebook profile and phone number. Unlikely scenario, perhaps, but still possible. When a wrong number is dialed, someoneÂ usuallyÂ picks up, right? Well why couldn’t that person be you? Â The point is your phone number is being crossÂ referencedÂ in a system-wideÂ Facebook phone directory, and you never opted in.
6)Â Facebook isÂ notoriouslyÂ littered with hundreds of malicious “Facebook Apps“, phishing scams and hacked accounts. Their sole purpose is to pump your account for your private data and that of your connected friends.Â Facebook is not the type ofÂ environmentÂ most users are comfortable storing phone numbers on, nor should it be. As much as I haveÂ defendedÂ Facebook in the past, theÂ amountÂ of hacked accounts I see on a regular basis onÂ Facebook forces me to think otherwise.
The Bottom Line:
I’m not suggesting uploading your address book online is tabboo. A large portion of my address book lives in Gmail, so I’m no stranger to the concept. In fact, I’m a fan. The difference is, withÂ Gmail I did so willingly. It wasn’t done so for me or without my consent.Â Furthermore, Â I chose WHICH contacts I wanted to backup online. There are some contacts and phone numbers who’s privacy I simply refuse to risk on the Web.Â Facebook has taken and continues to take liberties on behalf of their users. Their perception of privacy and their users perception of privacy is often very different. I don’t think this is maliciousness on Facebook‘s part, but it does show me thatÂ Facebook is painfully out of touch with the needs andÂ beliefsÂ of their CORE users, who are still wary of theÂ opennessÂ that a Web 2.0 lifestyle entails. It’s their right.Â Facebook needs to either respect that or openly provide a disclaimer that they do not.
(NOTE: The above post outlines my experience withÂ Facebook Contact Sync and my iPhone. If you are a Blackberry, Palm Pre, Android or other platform user, please leave me a comment bellow outlining your own experience and/or feeling on this subject matter. Much Thanks!)