When you install the app they steal your contact list and populate their database that way. Most people are unaware of this, or don't care since we are a third world country and privacy is seen as a first world problem. The vast majority of thinking here is not very sophisticated about these types of topics. Only a very tiny fraction of the total population is averse to sharing personal information like phone numbers. It's common to see folks post their tax ID numbers etc on public forums, tweets, etc. too.<p>For a number of years it was quite common for folks in the lowest income brackets to change their phone numbers quite often because of rampant competition between mobile network providers. The "Mobile Number Portability" system was eventually introduced that minimized this to a large degree. Eventually the competition subsided and this reduced significantly to a point where it's not very common anymore per my understanding.<p>When I need to use Trucaller I use it via their web interface exclusively with a google account that has 0 contacts for them to steal. I remember finding my number listed many years ago as my name with (web developer) in parenthesis, likely stolen from some old customer of mine.
Indias privacy laws are truly lacking. I am surprised that the government hasn’t enacted any laws for this yet.<p>I have a number of stories for this. Indians are so used to this that sometimes people are shocked when I say no to sharing information that they request.<p>For example in a startup, the HR reached out on WhatsApp to all employees in a group and asked for certain documents and information etc.<p>About Truecaller:
- It’s default opt in (with almost no way to opt out*)<p>- It requires access to your entire contact list - to mitigate this, I request Apple and Google to implement folders for contacts or something similar to how you can limit access to all photos on iOS per app. That way you can create an empty folder and share it with Truecaller<p>- It’s also impossible to change the wrong data that Truecaller somehow gets from some other contact list<p>My sibling recently got a new number and Truecaller assumed some other name and identity. Fellow Indians believe Truecaller more than they believe the person they are talking to (shows how much spam gets passed around)<p>This is NOT just TrueCaller. The same thing happens with Paytm and other payment apps.<p>Paytm for example assumed another identity and they requested us to submit multiple docs to prove our identity even though we never used the platform before. Even after multiple attempts and submitting multiple ids they refuse to change the data
I believe, Truecaller is an auto opt-in and you have to manually opt out if you want your number not be listed. I had to "unlist" my number manually. Check if your number is already in and then unlist at <a href="https://www.truecaller.com/unlisting" rel="nofollow">https://www.truecaller.com/unlisting</a>
I find TrueCaller immensely useful. Especially to filter out and block spam callers. Spam calls and robocalls are a HUGE problem in India. TrueCaller flashes spam callers in red, you can reject the call and save a few precious minutes of your life. About half of the calls I receive a day are spam calls. If I were to answer them all and then reject it would be a waste of time and energy.
I have had many experiences where I tried to order tea at a small tea-stalls (digitally empowered) on the streets of India, and first thing they ask is my phone number! I reject anyone asking my phone number unless dire and a must-one. I also noticed that almost everyone will blurt out their number when anyone ask them.
oh boy. this is interesting.<p>back in 2011. i had "heard" about this. i had an iphone 3GS and an iphone 2G at the time. the 3GS had gotten ios5 if i remember correctly.<p>installing the app, it asked me very strangely to "allow truecaller to access your contacts". it took me a few moments to decide no. at the time, IOS had a "parental setting" to hide permissions behind a separate password, like location, contacts, payments, gallery, web, yada yada.<p>i learned that truecaller works on "you give your contacts and in exchange we give you a one way access to just search for numbers with names and not the other way around.<p>over time, it became ubiquitous, with people relying on it because "who saves a contact".<p>now its an obnoxious app that comes preinstalled on all cheap custom roms, shows full page ads every time it displays on screen after a call, it even shows up AFTER you have disabled screen overlays, i assume it gets preferential treatment by these rom makers,<p>this is the reason why i have never signed up to whatsapp or given facebook any contacts access or even 2fa ( old fb account, not logged in 3 years)<p>fuck truecaller
Truecaller was a royal PITA when it came to privacy until I figured out how to fuck with the system.<p>1. Anyone that has your phone number and Truecaller automatically gets you a name:phone_number entry in the Truecaller database. To get around this, I created a Truecaller account using my own phone number on a phone with zero contacts and gave myself a fake name(with my choice of subtle cuss words). This takes priority over other entries in the database. Am not sure if it works that way anymore.<p>2. Anytime I need to look up a number, I sign in using a dummy gmail account that I have.<p>There were a good few years where people looked up my number on Truecaller and it showed up a very obscene name that would shock em.<p>I hate Truecaller so much!
The best way to run truecaller is to install this app called 'Island'. This creates a new profile called work profile for you. Use a new google id for this work profile. Then install true caller inside island. I rarely use it but all I have to do is turn on the work profile, look up a number and then turn it back off.<p>I keep all crap apps in the work profile since there is a shortcut in the android drawer to turn it off and on in 1 click. I also assume it saves a bit of battery since these apps can't drain it while work profile is off.
Many in the comment section told that they are using TrueCaller to avoid spam/robot calls.<p>In my personal experience, I found that not creating a TrueCaller account itself avoids having spam calls. I tried this by getting a new number years ago. I do get some spams, but from some services that I am using/has used a few months ago, and they want me to get back in (looking at you, ACT fibernet).<p>Anyway, it's okay to not use such an app for blocking contacts, most modern smartphones has blocking functionality, and some Free/Libre apps has ways to block a number range and works offline without ads. They are more than sufficient for most of us, use them instead.<p>But as the article said, not having proper legislation is the root cause of this problem, from how many services running in India can you delete your account (not unsubscribe/delete app, but delete “account” with personal information) from? Yeah, think about it.
Was home few days back. Someone needed PAN details from Papa, he shared PAN, Aadhar and all other documents with other person on WhatsApp; including things he didn't ask for.<p>People don't know privacy and not aware of misuses in India.<p>And phone number in India is not considered private info. We keep putting banner with number everywhere offline to online.
true caller's dumping of one's contact list is no different what facebook did (and does, though now does with a bit more transparency than in the app's earlier days)
Truecaller is massively popular in my country as well.<p>Before I knew any better, I was ignorant of the permissions and saw it as a worthy trade-off since my contact(s) will somehow end up there, if they weren't already. As all it takes is for someone else who has saved my number to download the app and give it permission.<p>Didn't give them much thought until I started seeing them buy advertisement spots in some of the local daily newspapers. They were getting greedy for more data. From that moment, I deleted my account and created a new account signed in only with a random Microsoft login and the app now lives in the work profile where there are no contacts.<p>The app will refuse to work until you grant it permission to make calls (read your IMEI pre-Android 10) and obviously read contacts permission. It is also quite intrusive. Coincidentally, the other app I found employing such dirty tactics by refusing to launch at all before being granted sensitive permissions is Whatsapp.
> Truecaller’s database that includes users who did not register and did not give consent to having their numbers identified.<p>That's the problem with maintaining absolute privacy. The privacy and security of your information depends on other people even if you do everything to save it.
An interesting side effect of these types of companies popped up during the Navalny team's investigation of Putin's alleged yacht in Italy. They got the ship's crew manifest and then used a database like TrueCaller to check it out. The manifest had the crewmember's name and a phone number - so when you look up the number associated with 'Alexander Pechurkin', other people have him listed as "Sanya FSB" "Alexander FSO" and "Alexander Graceful Procurement". [FSB = Russian security services, FSO ~= secret service, 'Graceful' = Putin's previous yacht]. Pretty interesting work history and descriptions for a Boatswain's mate in Italy.<p><a href="https://youtu.be/WyYp9xPLa8s?t=423" rel="nofollow">https://youtu.be/WyYp9xPLa8s?t=423</a><p>These lists must be a gold mine for intelligence agencies.
It is genius, really. Evil, but genius. Even just getting a reliable name for every number would be handy, I can see the value. But the killer feature is how much information your contacts leak in their description of you, so all of that can be correlated to build a more detailed picture of you.
I am sure someone can build a truly privacy respecting service like true caller and billion plus phone users in India would just sign up for it for something like Rs 100 a month or would they?<p>It is astounding that common person understands the tradeoff when using free service but these ignoramus critics do not.
I think this shows limit of GDPR which maybe could be improved by making companies your data is shared with, seek authorization to treat those data directly, maybe let's say you sign up on $ocial network which share your data with mark€ting company, then maybe mark€ting has to send you an email to be authorized? So that Truecalled can get numbers from contacts list, but can't use them if not authorized?