Permissions for the Facebook Messenger App Raise Concerns

Permissions for the Facebook Messenger App

The Internet is agog over the seemingly intrusive permissions for the Facebook Messenger app.

If you use Facebook to communicate with your contacts, you soon may have no choice but to use the app which will soon be the only way mobile users will be able to send messages on Facebook. But at issue is the number and type of permissions the app demands as a condition of use.

Facebook insists critics are making a big deal out of nothing. Facebook can read messages stored on your smartphone? It can operate the camera on your phone without your knowledge?

All true, says Facebook, but it’s not how it looks. The company says it has no intention of doing any of that. Instead, Facebook blames Android’s strict permissions rules necessary for the app to be downloaded and used.

In a post addressing the issues with Messanger on its official help page, the company explains:

“Almost all apps need certain permissions to run on Android, and we use these permissions to run features in the app. Keep in mind that Android controls the way the permissions are named, and the way they’re named doesn’t necessarily reflect the way the Messenger app and other apps use them.”

The uproar over these permissions was mostly generated by Facebook’s mandate recently that mobile users have no choice but to use the app in order to keep messaging contacts on Facebook. Some mobile users have already received notifications that their messages have been moved, or are no longer available on the regular mobile app, the Wall Street Journal reports.

Issues with Facebook’s Messenger app among users have existed for quite some time, as this February tweet on the topic reinforces:

But Facebook’s insistence that all mobile users now download the app whether they want to or not has likely brought the issue to a head.

In its help page response to the backlash, Facebook addresses some of the hot-button issues point by point:

  • Controversial photo and video permissions are necessary to let users take video and video content an share it through the app.
  • Permission to call phone numbers on your phone is necessary to provide a Messenger feature that lets users tap a phone number on the screen and call the number.
  • Permission to record audio is necessary for the app to allow users to make free voice calls to contacts and send voice or video messages.
  • Permission to receive text messages is necessary, Facebook says, only to allow the app to send a confirmation email to your phone if you wish to add you phone number to your Messenger account.
  • Permission to read user phone contacts allows the app to read phone contacts from your phone and add them as contacts on Messager. (This one, Facebook says, you can disable by going to the Messenger settings and unsyncing your phone contacts.)

In short, Facebook claims all these permissions are needed to allow the app to do what it does on your mobile phone.

Has any of this helped allay your fears?

Ah well, it doesn’t much matter. If you plan to keep in touch with contacts on Facebook via mobile, you’ve got no choice but to use the app.

So the only question becomes whether your mobile Facebook contacts are important enough or not.

More in: 10 Comments ▼

Joshua Sophy Joshua Sophy is the Editor for Small Business Trends and the Head of Content Partnerships. A journalist with 20 years of experience in traditional and online media, he is a member of the Society of Professional Journalists. He founded his own local newspaper, the Pottsville Free Press, covering his hometown.

10 Reactions
  1. The information contained in here is not true. I have witnessed first hand where I received an email from a person, who I am not connected with on Facebook, and had never emailed before. Shortly after that email exchange, Facebook is now listing that person as a “Suggested Friend”. We have no mutual friends, and there was no other way for Facebook to have known we were connected, other than mining my email. Separately, I also have a contact in my phone book who I keep the phone number for, as I do not want to communicate with this person in case they call. Additionally, shortly after installing the Facebook Messenger app, this person was also listed as a suggested friend. Like the first example, we shared no mutual friends and there is no other way Facebook could have known about any connection. Facebook is lying if they try to make us believe they are not mining our phones for other information.

    I have never used Facebook Messenger to send an email or message outside of the Facebook environment, nor have I ever used it to make a phone call.

    The app is deleted, never to return. If I see this occurring through the Facebook app itself, that will also be deleted from my phone.

    • Hi Jeff,
      Thanks for your comment. We hear what you’re saying. Our point in publishing the post wasn’t to take sides with Facebook certainly. Only to state the concerns and the company’s response. Obviously, even if Facebook were abiding by the limits it says it’s observing in this case, there’s no knowing how the company might use these permissions in the future, as we’ve already seen. Our only point was to raise awareness of the concerns so that our readers, many of whom are small business owners and depend on Facebook to stay connected with customers and contacts, will realize the tradeoffs potentially involved and make an informed decision.

      • Martin Lindeskog


        I recently got the question about this issue on Facebook, by a friend, on Facebook! 😉 He had shared a video clip from Fox News and a so called “tech. expert” telling about all the scary things with the new app.

        Have you ever read the Terms of Service fine print of any app, or service, e.g., iTunes?

        I am glad to see that Facebook is trying to reach out with a positive message. Hopefully they will learn from this experience… 😉

  2. The permissions for the regular facebook app aren’t any more reasonable, IIRC. I use the mobile android browser to hit facebook, and messages still work there. As an added bonus, the mobile site actually works quite a bit better and more often than the app ever did before I uninstalled it.

    • If the website your using is the mobile site & is html5, then you should read the TOS because if they have the same features they might have the same terms, also HTML 5 replaced flash for the reason that now they won’t need any external app to run games, video & apps threw the html5 itself. In other words if the mobile website is made for android & you use the sites messenger app it could do the same mining as the messenger app. It’s possible I’m not saying they’re doing this, but they can if they really want to. Facebook has been abusing their users for much longer than the last time they were caught testing on their users, they might of been doing these kinds of testing’s for allot longer than we assume & they just slipped up this time. I don’t doubt is one but that they’ve been abusing TOS agreements. I deleted my Facebook account a long time ago it was open for about 2 years without any use at all, & deleted the account about 2 years ago.

  3. Wow. Facebook.

    This reminds me of that time Google forced everyone to change their accounts to their real names.

    I do not trust Facebook’s motives or explanations for the messenger.

  4. Pemsys is a great permission manager app for Android. Give it a try!

  5. I had an entire comment about my views on the permissions of Facebook messenger on the Android and it all got deleted. It disappeared and a bunch of computer trees came up saying scripting=false.
    I guess someone didn’t want to know what permissions I have on my phone since apparently no one else is seeing the real permissions messenger has access too.