01 April 2020

Spyware Apps: TrueCaller (by True Software Scandinavia AB)

Indian Army says TrueCaller is a spyware, should be deleted from phones immediately

Indian Army has issued an advisory for its personnel asking them to delete TrueCaller from their phones immediately.

Indian Army has issued an advisory for its personnel asking them to delete TrueCaller from their phones immediately. The advisory issued on November 24 notes that TrueCaller is a "spyware" or a "malicious ware" and that it should be immediately deleted from the personal and official phones. The advisor also lists some 40 other apps, mostly from China-based companies, that should not be installed on smartphones by Indian Army personnel and if they are installed, they should be deleted immediately.

The advisory largely focuses on apps made by China-based companies. But TrueCaller stands out in the list, not only because it is not from a Chinese company but also because it is arguably the most popular app in the list of apps that Indian Army deems dangerous.

While the list is obviously meant for people part of national security apparatus, if Indian government is deeming an app dangerous for its officials it is also probably dangerous for regular users.

In a statement to India Today Tech, TrueCaller said that it was studying the Indian Army advisory and denied that it was a malware. "In response to certain reports, we would like to clarify that we are a Sweden based company. We are not sure why the app is on this list, but we're investigating. Truecaller is not a malware, and all our features are permission based and are disabled by default," a TrueCaller spokesperson said.

Also Read: Be warned if you use Chinese apps such as Weibo, WeChat, others: Home Ministry

Of late, there is a growing concern over the use of apps made by China-based companies in India, and the data that these apps access on smartphones. Recently, Indian government had asked over 30 big phone makers in the country to explain how they were collecting data from their phones sold in the country and how they were using this data. Of particular concern to the Indian government are apps and devices that collect user data and then send some of its data, mostly for valid reasons, to servers based in China.

TrueCaller, incidentally, doesn't send data to China-based servers and it is not an app made by a Chinese company. However, it does have certain privacy issues given how it works. Whenever a user installs the app, its functionality -- mostly checking for the identity of the callers and fighting spam -- is enabled only when a user allows the app access to its contacts. These contacts are then copied and uploaded on to TrueCaller servers.

The way TrueCaller scoops contacts is probably the reason why TrueCaller is in the list of apps that Indian Army considers too dangerous. Earlier, talking of TrueCaller, here is what we wrote:

The problem is with the default behaviour of Truecaller. It has built in some privacy checks -- you can delist your number, if you find it in the Truecaller database -- but these steps are after thoughts. By design, by default, Truecaller is a pervasive app. Its business model is all about collecting numbers. And it does so zealously. When you install the app, it takes a look at your whole contact book and siphon off that data -- numbers and names included -- to its servers.

Source: indiatoday.in

No comments: