Image by Hiya
Robocall Blockers Caught Sending User Information to Third Parties
It’s no secret that robocalls—fraudulent calls made by automated systems—are out of control in the United States, which is why many iPhone users install apps to block them. But security consultant Dan Hastings has revealed to TechCrunch that many of these apps, like Hiya, TrapCall, and TrueCaller, send user data to third parties. For example:
- TrapCall sent user phone numbers to AppsFlyer, an analytics firm.
- Hiya and Truecaller sent data like device type, model, and software version before a user could accept the privacy policy.
- Other apps sent data to Facebook on launch.
After being called out, Truecaller updated its app and claims that it no longer sends data immediately. Hiya vaguely promised to do better but didn’t offer details.
Hastings pointed out that these practices violate Apple’s App Store rules, so it’s distressing both that these companies are intentionally trying to circumvent Apple’s privacy-protecting policies and that Apple is failing to catch them ahead of time.
I use the free AT&T Protect Robocall Blocking app. I figure AT&T already know who calls me and who I call anyway. 3rd party companies, yeah, no way I’m touching those.
I use AT&T Protect also, and the problem that I see is that it is powered by Hiya, so it would seem our information is going out to 3rd party companies.
I hadn’t noticed the Hiya connection before, but right you are. So they have the smarts and AT&T are using them to provide the service. I would hope that they are not keeping logs of all the incoming calls but they are keeping a list of which numbers you have chosen to block so they have information that I would rather only AT&T has. You would think AT&T would be big enough to be able to build this kind of technology but it takes a 3rd party to do it instead.