So-called honesty app Sarahah being used to bully peers

Laverne Mann
August 29, 2017

Sarahah, the anonymous feedback app that recently went viral, has reportedly been silently collecting users' phone contacts data, without the knowledge of its users.

Later creator of the app, Zain al-Abidin Tawfiq said that this feature, where the app was uploading the entire contact detail to the servers would be removed in a later update. However, you can still refuse to give the permission and yet continue to use the app. Things get murky especially since the app doesn't offer any feature that would require access to your contacts. With millions of users actively using the app, it soared high.

In conclusion, for Sarahah users concerned with privacy is that they do not need to download the service app but can use the features like sending messages, register and receiving messages on Sarahah, via a website.

But, online publication The Intercept recently uncovered the app's not-so-honest functionality in an article published on August 27 titled 'Hit App Sarahah Quietly Uploads Your Address Book'. Julain also mentioned that even if a user does not use the app, still it uploads contact again and again.

More news: USA service member missing after Black Hawk crash off Yemen coast
More news: AFC Bournemouth vs Manchester City English Premier League
More news: Facebook users worldwide face problems accessing and using social network

He found that every time a user logs into the app, it will upload private information back to the app's server. He later verified the same occurs on Apple's iOS, albeit after a prompt to "access contacts", which also appears in newer versions of Android. The app interactions also involved privilege escalation which is a phase wherein sensitive information is prone to get leaked. However, the Sarahah app doesn't have any such feature at this moment.

That being said Sarahah has been pretty straightforward when it comes to your contacts, it asks for permission to access your contacts on both iOS and Android. "The privacy policy specifically states that if it plans to use your data, it'll ask for your consent", he told the Intercept. After Intercept pointed out the behaviour, he stated "the data request will be removed on next update" and that Sarahah's servers now don't host contacts. In this case, Julian installed the app on a Samsung Galaxy S5 running Android 5.1.1.

Newer Android operating systems, starting with Android 6.0 ("Marshmallow") do allow for more granular permissions for apps, allowing users to modify controls so that apps do not gain access to contacts or other information. For users who are anxious about their privacy on Sarahah, you can go to the Sarahah website and remove your account from the app. "See which of your contacts are on Snapchat!" and the popup on iOS clearly says that the contacts will be uploaded to Snapchat's servers "so you and others can find friends, and to improve your experience".

Other reports by MaliBehiribAe

Discuss This Article