Why the Facebook Messenger app is not the privacy nightmare people think it is

Facebook Messenger

Facebook MessengerThere’s good reason to be skeptical of Facebook when it comes to privacy, but the Facebook Messenger app isn’t the privacy nightmare that some people think it is.

Facebook is gradually forcing users of its mobile app to download the Facebook Messenger app to their smartphones and tablets in order to continue using the chat feature.

This move has led to a backlash against the social media giant, and it’s not just because Messenger is a separate app that takes up a lot of extra device memory.

Messenger offers much more than the traditional chat available on Facebook.com, including the ability to place calls, send videos, and send messages from the home screen without opening the app.

Although the Messenger app is available for Android, iOS, Windows Phone and BlackBerry, the main source of user angst comes from the lengthy list of app permissions you have to approve before you can download the Android app from Google Play.

Facebook Messenger permissionsAmong the permissions the app requires are several that have given users reason to complain – when you install the Android app, you have to grant access to your device’s contacts, microphone, stored photos, videos, SMS messages, location, and more.

In a help article on Facebook.com, the company explains why some of these permissions are needed, noting for example that accessing the device’s microphone and camera is necessary for sending video messages.

Those permissions are similar to those required by other messenger apps, such as Snapchat or Viber.

The negative reaction seems to have been spurred in part by a December 2013 Huffington Post blog article titled The Insidiousness of Facebook Messenger’s Mobile App Terms of Service.

The article, by Sam Fiorella, which has been “Liked” on Facebook more than 785,000 times, has helped to fuel the fire of public outrage with statements like:

In the case of Messenger on Android, the attempt to collect so much information and take control of one's device is unprecedented and, quite frankly, frightening.

Yesterday, the post was updated to correct the author’s errors around the conflation of Android-specific permissions and Facebook’s terms of service, (which Facebook says are the same for the Messenger app as the Facebook website), and the outdated descriptions of its permissions.

As Facebook points out, Google Play requires users to accept all permissions the app might need before downloading – even if some of those features are never accessed by the user.

In its help article about the Android permissions, Facebook also says the way permissions are described is controlled by Google, even though they don’t “necessarily reflect the way the Messenger app and other apps use them”:

Keep in mind that Android controls the way the permissions are named, and the way they’re named doesn’t necessarily reflect the way the Messenger app and other apps use them.

By contrast, Apple takes a much more granular approach to permissions for iOS apps.

Apple’s mobile apps don’t ask for permissions up front all at once, but rather when a user seeks to use a feature for the first time.

So it could be argued that Facebook is the victim of Google’s decision in June 2014 to lump related permissions together and simplify their descriptions.

In this case at least, the Zuckerbergers don’t deserve the Big Brother accusations being lobbed their way – but they might have avoided a lot of pain if they had spelled things out for users better.

With that said, here are a few tips for Facebook Messenger users to help you better preserve your privacy:

  • Decline or turn off sync if you don’t want Facebook to grab phone numbers from all your contacts.
  • Turn off the location setting that alerts your contacts of your exact location when using the app.
  • If you really don’t want to switch to Facebook Messenger, you can still use the web browser on your mobile device to chat on the Facebook website.
  • Check out our 5 tips to make your Facebook account safer.

If you’re an Android user, you can download Sophos Mobile Security for Android to protect your device.

It scans your apps for malware when you download them, includes a handy privacy advisor – and it’s free from Google Play.

And, if you’d like to stay up to date on all our Facebook-related news, please Like the Naked Security Facebook page.

Image of Facebook Messenger logo courtesy of Facebook.