Over the past few weeks, a new trending app, which calls itself private, went viral. The app, called Sarahah, is actually not that private, as a security analyst observed how it took the users’ contacts and uploaded them to the servers of the company.
Sarahah has been promoted as an app which allows users to receive honest feedback from their friends. However, it seems to be collecting a lot more than these messages, as it also harvests contacts from the users’ phones. They are, indeed, asked for permission before the app accesses all this data. However, they are not notified that the data is transmitted to a server.
After the security report was released, the Sarahah founder, Zain al-Abidin Tawfiq, claimed the upload was necessary for a pending feature allowing you to find your friends. However, some technical difficulties prevented the feature from being implemented. These contacts should have disappeared from the servers but, according to the founder, this was a former partner’s job, who omitted it.
Sarahah tells you it wants your data, but it doesn’t notify you it uses it
You can still use the app even if you don’t agree to share your contacts. However, many people do so, thinking that this might improve their experience. However, their data is not used in-app in any way. This means they cannot look up friends based on their phone number, or see who else is using the app.
If you still want to use Sarahah, but you are concerned about your privacy, there is an alternative. Users can still send and receive messages on a website, which doesn’t access your contacts. You just need to register, without offering any other kinds of information.
Image Source: Pixabay