We've all had this happen: your phone rings and the caller ID shows only a number because the contact isn't in your address book. You've no idea who it is, so you reluctantly answer. Turns out it's either someone you don't want to talk to, a wrong number, a bill collector, or some other person you'd have rather avoided.
Before today, an app called Mr. Number could've made that scenario play out a little bit differently. The app had a feature called crowd sourced caller ID, which - get this - shared your entire address book with other Mr. Number users. And by "share," I don't mean it sent your address book to everyone so they could simply look through it, but rather it would let you know who was calling when the person wasn't in your contact list by checking the number against its collection of stored names/numbers.
For example, let's say that both you and I are Mr. Number users and chose to opt-in to the crowd sourced caller ID service. If, say, my wife (whom you've never met) tried to call you, her name would show up on your caller ID. Why? Because she's in my address book, and I shared that information. Crazy, right?
Clearly this application operated in somewhat of a gray area; would you want your contact information shared with every user of the service? I sure as heck wouldn't. But, for the past two years, Mr. Number has been part of the Android ecosystem doing just that. In fact, it's quite the popular app - 4.4 stars with 1m-5m installs. Impressive.
Now, however, thanks to a recent change in Google's ToS, Mr. Number had to shutdown its crowd sourced caller ID feature. Why? Because there's no way, no way, that every user had each contact's permission to share their name and phone number with this service. Mr. Number attempts to defend itself by saying that "they told you not to opt in to crowd-sourced Caller ID unless you had permission from their contacts and we offered a paid version instead." Give me a break. Here's the clause in question:
Personal and Confidential Information: We don't allow unauthorized publishing or disclosure of people's private and confidential information, such as credit card numbers, Social Security numbers, driver's and other license numbers, or any other information that is not publicly accessible.
Google saw this "feature" for exactly what it was: a violation of privacy. While the potential value of a crowd sourced caller ID isn't difficult to see, the actual implementation was just shady. It should be up to each user of the service to upload their own information, not take it upon themselves to share the information of friends, colleagues, co-workers, family members, or whoever else may be stored in their phone. If done that way, the service could build a collection of names and numbers, all of which were provided by their respective owner. Collecting personal information for all contacts stored in a phone, though, that's just shady, even with the phone owner's permission.
Clearly, the Mr. Number developers are upset by this change. In a post on their official blog, they said that "Android isn't as open as [they] thought it was," and that "you need permission to innovate." But, this isn't a matter of being open. This is a matter of privacy, no matter which way you slice it.
I, for one, am glad Google is plugging privacy holes in its Terms of Service. My phone number and who I share it with is my personal business, and I'm happy that Google is doing its part to keep it that way.
[Mr. Number Blog; Thanks, Andrew!]