Tags: Personal Privacy
The contacts list on your smartphone is routinely accessed by many applications. Here are some simple steps to limit such access.
Your smartphone might be sharing your contacts information with applications other than the telephone or e-mail apps. Some apps truly need to use your contacts data, but others do not. Such apps may instead be fishing for extra data to snarfle up for some nefarious purpose.
Why do we care which applications use our contacts list?
Consider installing and using Snapchat. The application requires your phone number for registration, and then it asks to access the contacts list.
For myself, I'm nervous whenever an application asks for my phone number unless there's a very good reason. That's why I haven't signed up with Telegram, for example.
You might give Snapchat your phone number but balk at giving it your contacts list. But, Snapchat goes ahead and offers you contact with people you already know.
How does Snapchat know about your contacts if you did not allow access to that data? Your friends who already signed up with Snapchat may have provided their contacts data, informing Snapchat of your existence before you signed up.
This is an example of your contacts data, which you should keep private, leaking to cloud services. How do you know whether if any service is misusing your data? See Why avoid sharing smart phone Contacts using iCloud/Google/etc
Select which apps have access to the contacts list
In both Android and iOS you can go into the Settings area, and select which apps have permission to access your contacts list.
In Android, open the settings app and search for Permission. You may have to hunt through the results, but you're looking for Contacts.
This shows a list of applications, and whether they are allowed to access the Contacts data.
In iOS, , the process is similar:
- Open the Settings app, and tap on the Privacy option.
- Tap Contacts.
- Use the toggle on the right to deny access to Contacts for any apps that do not require permission to function.
Avoid putting sensitive information in contacts entries
Because so many applications might access your contacts list, it's a bad idea to use it to store sensitive data.
Someone might put bank account PIN numbers or the like in a Contacts entry. That might sound like a convenience, but what if that data is leaked somewhere?
Limit the applications on your device
Do you need to install so many applications? How many of the applications you've install are potential security risks?
Be selective, and regularly prune away applications you don't use.
Keep extra sensitive data on a device used only for that purpose
Some of us have legitimate reasons to put sensitive data on a smart phone.
For example we might be a psychiatrist who see's clients using online communication. That may mean keeping some client information on a smart phone. But how can you do this while obeying HIPAA regulations?
One route is, for such sensitive data, to use a separate device for that data. Then, with that device, ensure no data is automatically synchronized.
Summary
Some application authors have a business model that includes casually picking up what should be private information. They do this to more quickly reach additional customers, such as the Snapchat case described earlier.
Whatever the reason, do those application authors have a legitimate need to access your contacts data. That data should be considered very private and not to be shared with others. It's not only about your privacy, but the privacy of your contacts.
