Subscribe for premier reporting on free speech, privacy, Big Tech, media gatekeepers, and individual liberty online.

TrueCaller has been accused of an egregious privacy violation by an investigative journalist who was put at risk

If you’re tired of censorship and surveillance, subscribe to Reclaim The Net.

Your phone number, your name, and profession, or any other tag that may be used to identify you, may be stored in a global database without your knowledge, and available to anyone you call.

Even in an age of fractured privacy and extremely lowered expectations in this regard – this is not at all an appealing prospect. And in fact, the app that makes this possible – TrueCaller – would not market its service in such terms. In fact, TrueCaller’s “true calling” is not to share non-users’ identity across its entire userbase – it’s to identify incoming calls.

But the trouble with the app is that it allows users to “tag” any number new to its database. This is done without informing the owner of this number on the other side of the conversation, and without their consent.

Problematic? IFEX, a freedoms group focusing on human rights and free expression, thinks so. To demonstrate the harm such data collection practice can do, IFEX writes about an investigative journalist whose identity was recently exposed in this way while on assignment in an African country. The reporter, referred to as “Chloe,” depends on anonymity to do her job and protect her own safety and that of her sources.

However, when she recently made contact with one of these sources who was also a TrueCaller user – she quickly finds out that as the source had “tagged” her number, complete with her name and employer – the cab driver than she called using the same phone knew her full identity.

Needless to say, an investigative reporter working in the field would have had better days.

Besides the potential to physically or professionally harm people who are not even its users, TrueCaller has other problems: for example, two sets of privacy rules, one of the EU, another for everyone else.

And the company explained to IFEX that non-users can “unlist” from the database – but it’s an option that’s to all intents and purposes hidden.

IFEX suggested informing non-users with a text message and asking for their consent each times somebody tries to add them to the database.

“TrueCaller acknowledged our response but did not show an interest in following those steps,” the rights group said.

Free Tutorial: Our step-by-step guide to starting your own website for fun or profit

If you’re tired of censorship and surveillance, subscribe to Reclaim The Net.

Read more

Join the pushback against online censorship, cancel culture, and surveillance.

Already a member? Login.