The business team wanted to get Bluetooth permissions so it could push ads to people’s phones when they walked into a store. Meanwhile, the growth team, which is responsible for getting more and more people to join Facebook, wanted to get “Read Call Log Permission” so that Facebook could track everyone whom an Android user called or texted with in order to make better friend recommendations to them.
Kashmir goes on to detail how Facebook found a loophole where they could get call log permission on Android without having to ask for it:
Then a man named Yul Kwon came to the rescue saying that the growth team had come up with a solution! Thanks to poor Android permission design at the time, there was a way to update the Facebook app to get “Read Call Log” permission without actually asking for it. “Based on their initial testing, it seems that this would allow us to upgrade users without subjecting them to an Android permissions dialog at all,” Kwon is quoted. “It would still be a breaking change, so users would have to click to upgrade, but no permissions dialog screen. They’re trying to finish testing by tomorrow to see if the behavior holds true across different versions of Android.”
There’s no way to look at this where the people involved don’t look malicious and evil. If you care at all about your privacy and personal data, you should have nothing to do with Facebook or their affiliated companies.
(via Daring Fireball)