{"id":21453,"date":"2018-03-06T09:00:00","date_gmt":"2018-03-06T14:00:00","guid":{"rendered":"https:\/\/www.kaspersky.com\/blog\/?p=21453"},"modified":"2019-11-15T06:40:52","modified_gmt":"2019-11-15T11:40:52","slug":"getcontact-collects-personal-data","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com\/blog\/getcontact-collects-personal-data\/21453\/","title":{"rendered":"GetContact: Find a contact or give your contacts away?"},"content":{"rendered":"

\u201cHi! Don\u2019t miss out on this limited-time deal\u2026\u201d Many of us could happily live without another one of these calls. Mobile app developers heard the call, and now some offer the ability to see a number\u2019s reputation when receiving a call, some offer information about the company the number belongs to, and some offer to block known telemarketers. The GetContact app has recently gained popularity among such solutions with an interesting take: It identifies numbers using its users\u2019 own contacts.<\/p>\n

GetContact has great potential for success. Having installed it, you will know almost every caller by name and picture; the app pulls up the caller\u2019s personal data and photo from its database.<\/p>\n

The app also lets users instantly put callers on a telemarketer black list, easily block unwanted calls, and look up contacts by name or number. Want your hot neighbor\u2019s number? Simply look them up on GetContact! Of course, there is a price you have to pay for these perks: It\u2019s access to your contacts \u2014 the app wants those names and numbers.<\/p>

\"We<\/a>

We tested the app on several colleagues who volunteered for the experiment<\/p><\/div>\n

<\/strong><\/p>\n

Nothing wrong with being curious\u2026<\/h2>\n

<\/p>\n

It\u2019s no wonder GetContact is often used in ways not listed in the product description. There\u2019s so much to learn! People all over the world got excited about looking up their numbers to find out what their friends called them, and that started a real epidemic on social media, where users\u2019 feeds are filled with screenshots and jokes referencing the new trend.<\/p>

\"Peter<\/a>

Peter Darth Melon<\/p><\/div>\n

It gets worse. If the app lets me look myself up, why not look up the numbers of my friends, coworkers, or spouse? This is where users start making unpleasant discoveries. A woman seeing her husband\u2019s number under a female name might suspect him of cheating and get into a big argument. A senior manager of a large company turned up as a \u201cTV salesman\u201d in an old client\u2019s contacts and became an office joke.<\/p>\n

Whether it\u2019s in fun or as revenge, the app offers a lot of room for creativity: You can call a person \u201cdrug dealer\u201d or \u201cMy Baby\u201d \u2014 and someone will be sure to ask them for an explanation. But wait, the same can happen to you! To make it worse, the app doesn\u2019t let you track down the person who saved you under this or that name.<\/p>

\"Is<\/a>

Is it real or someone\u2019s idea of a joke?<\/p><\/div>\n

<\/strong><\/p>\n

Forewarned for your own good<\/h3>\n

<\/p>\n

What about privacy, you ask? GetContact\u2019s website contains a confidentiality agreement in accordance with which the user gives the app access to any personal and corporate data, including data stored by other apps and on social media, as well as the right to share this data with third parties \u2014 in other words, with anyone.<\/p>\n

Among other things, GetContact stores your phone books and contacts, photos, e-mail addresses, IP addresses, and conversation records. By accepting its terms, you sign over your personal data to the app \u2014 and your coworkers\u2019 and friends\u2019 data as well.<\/p>

\"\"<\/a>

The complete list of data the app can access is scary<\/p><\/div>\n

The app\u2019s developers insist that they do not sell their data to anyone. However, they can change their minds at any moment \u2014 the user agreement allows them to transfer data to any third party and contains a clause forcing the user agree to receive mass e-mails\/messages. Even if that doesn\u2019t happen, the possibility of hacks and data leaks should not be discounted.<\/p>\n

<\/strong><\/p>\n

Can you stop showing my number?<\/h3>\n

<\/p>\n

GetContact developers allow users to take themselves out of the database. To do so, you have to find the Unlist page on the website, enter your number, and send a request. Within 24 hours, the app should stop looking you up in other people\u2019s phone books. However, there is a \u201cbut\u201d: This option is available only to those who delete the app from their own devices. If your curiosity gets the better of you and you install the app again, your number will become visible to everyone again.<\/p>\n

<\/strong><\/p>\n

Is that even legal?<\/h3>\n

<\/p>\n

GetContact has been officially outlawed in several countries because of its questionable privacy policy, and it\u2019s under close scrutiny for compliance with personal data and other legislation in others. But these measures are late in coming \u2014 the service has already collected several million telephone numbers from users in countries around the world, and it\u2019s unlikely the developers will be interested in deleting them, even if its activities are found to be noncompliant with legislation in this or that jurisdiction. What will GetContact do with all of those contacts? As we said, anything they want.<\/p>

\"\"<\/a>

Google Play\u2019s installations number indicates the counter doesn\u2019t exaggerate<\/p><\/div>\n

<\/strong><\/p>\n

So, what can we do?<\/h3>\n

<\/p>\n

You cannot use an app like GetContact and at the same time be guaranteed privacy. For us, privacy outweighs the satisfaction of seeing that you are not listed in someone\u2019s phonebook as \u201cnot that guy again.\u201d If you feel the same, here\u2019s a couple of things you can do to avoid setting yourself and your friends up for trouble.<\/p>\n

    \n
  • When installing a new app, don\u2019t be lazy: Read the user agreement and privacy policy. It\u2019s never a bad thing to know what you\u2019re signing. User agreements seem too long and unreadable? We have a post on how to extract the most important information<\/a> from EULAs in a few minutes.<\/li>\n
  • When giving an app access to data<\/a>, think for a second: Does the app really need access to that kind of information to work? What will happen if the app shares the data publicly? In some cases, you can deny some permissions and the app will work just fine.<\/li>\n<\/ul>\n

    All about Android app permissions<\/a><\/p><\/blockquote>\n