(Unless you’re into that sort of thing.)
I’ve seen a number of variations of a very click-baity article in my feed over the last few days dealing with Facebook Messenger and how its Terms of Service (TOS) seems to ask for everything up to and including one’s first-born child just for the privilege of allowing you to send email without actually sending email.
I know that Android is like the wild west, but on iOS, some of what’s listed isn’t possible for an app, and some of it requires explicit permission from the user (speaking as an iOS developer, there is NO WAY for an app to get around it.) Let’s take a look at the most common egregious items:
“Change the state of network connectivity:” Not possible. You’re on wifi or the cell network. Airplane mode is on or off. You are in control. An iOS app can’t change that.
“Allows the app to call phone numbers without your intervention:” Not possible. Any time an app attempts to dial a number, you’ll get a big dialog asking if it’s okay. Every. Time. No way around it.
“Allows the app to send SMS messages [without your intervention]:” Not possible. No app can send an SMS from your phone without that little share dialog popping up for you to approve not only the message, but who it’s going to.
“Allows the app to record audio with microphone. This permission allows the app to record audio at any time without your confirmation:” This one’s a little looser. The first time an app wants to use the microphone, it must ask permission with a dialog. After that, it can turn on the microphone whenever it wants. However, if the app is not in the foreground, you’ll see a huge red banner at the top of the screen. And if the phone’s screen is off, no access can take place no matter what.
If you decide at a later time to allow/deny permission to an app (say, you decide you want to use FB Messenger to send some audio greetings or something,) you can go to Settings -> Privacy -> Microphone and set microphone permissions on an app by app basis.
“Allows the app to take pictures and videos with the camera. This permission allows the app to use the camera at any time without your confirmation.” Any app can take still pictures without permission (however, that will change in iOS 8.) But you’ll normally hear that shutter click sound. Video permission is tied to microphone permission (you can’t take silent videos.) If the mic is off, video is off.
“Allows the app to read your phone’s call log, including data about incoming and outgoing calls:” Not possible. Let me say this again. NOT POSSIBLE. No iOS app has access to this data.
“Allows the app to read data about your contacts stored on your phone, including the frequency with which you’ve called, emailed, or communicated in other ways with specific individuals:” Half possible. As noted above, call info, when you’ve emailed or texted someone, etc., is not available to an app EVER. However, if you answer “Yes” to a permissions dialog, you can give an app the ability to read and write to your Contacts info. Personally, I think there are very few legitimate reasons to allow this kind of permission outside of a corporate app environment. And again, you can change your mind later by going to Settings -> Privacy -> Contacts.
“Allows the app to read personal profile information stored on your device, such as your name and contact information:” The answer is the same as for the last paragraph, as this information comes from Contacts.
“Allows the app to access the phone features of the device. This permission allows the app to determine the phone number and device IDs, whether a call is active, and the remote number connected by a call:” Mostly not possible. There is technically a way that a programmer MIGHT be able to get the phone number for an iPhone, but it will probably get the app rejected by Apple, and the bug may already have been patched. There is no way for an app to tell if a call is active, or what the caller’s number might be.
“Allows the app to get a list of accounts known by the phone. This may include any accounts created by applications you have installed:” Only your Facebook and Twitter accounts are accessible, and only after you give explicit permission (I’m guessing for the FB Messenger app, you’ll want to allow it access to FB.) And like the other permissions you grant, you can change your mind and go to Settings -> Privacy to change them.
So what’s going on here? Some people have said this might be the Android version of the Terms. Some have countered that not even Android is this free and breezy with user data (I forget who said it: “iOS is an app platform. Android is an ad platform.”)
Probably, it was just blindly written by lawyers with no idea of what they were setting themselves up for, nobody reality checked it, and into the app it went. Someone discovered it, wrote a blog post, and discovered click-bait gold.
Really, if you stopped to actually read the TOS of almost any app on your computer or phone, you’d find it a most draconian (and totally unenforceable) document. But lawyers gonna lawyer.
The moral of the story is, wherever you think we “are,” we’re not actually “there” yet.