136 comments

[ 3.3 ms ] story [ 107 ms ] thread
I believe, Truecaller is an auto opt-in and you have to manually opt out if you want your number not be listed. I had to "unlist" my number manually. Check if your number is already in and then unlist at https://www.truecaller.com/unlisting
>Check if your number is already in

How do you check whether your number is "in"?

Enter your phone number on this page: https://www.truecaller.com/

Once you do, you have to log in with either your Google or Microsoft identity and agree to let them download your contacts.

One piece of legislation that I wish would exist is a universal opt-out requirement with no contracts. Many times you want to "opt-out" of something they require you to create an account or agree to something.

Since they have already done an action without your consent or agreements they should be able to remove you permanently without requiring you to agree to anything, signing up or mailing crap.

You must be joking. You are joking? Aren't you?!?
I'm sorry; I didn't realize they need you to login to check that now. Earlier you can check any number.
Thank you for posting that link. The last time I checked, they were asking to install their app and then unlist yourself from there.
Well now they want you to sign in with google/microsoft. Never gonna do that. I should create a few dozen fake accounts for these kind of companies.
Indeed. You may also want to buy a bunch of (preferably pre-activated) SIM cards, as registering such accounts will require a phone number, and they limit the number of accounts that can be created with one phone number.
There is no such thing as unlisting a number, atleast last time we tried multiple times but it still keeps showing up
IIRC when looking into this some time ago, if someone who has your number uses truecaller then your number will reappear. So depending on your level of paranoia you might want to regularly check that unlisting page.
I have tried this for both of my numbers and it has worked quite well. May be you need to try it one more time?
I just tried to put my phone number through it and it gave no indication of success or failure. Pulled up the debugger and see that it gives a 400 exception of "ProfileNotDeactivated" when I submit my number.

Seems seriously shady.

I have had many experiences where I tried to order tea at a small tea-stalls (digitally empowered) on the streets of India, and first thing they ask is my phone number! I reject anyone asking my phone number unless dire and a must-one. I also noticed that almost everyone will blurt out their number when anyone ask them.
Some businesses do exactly the same thing in the US. It is fascinating to be a bystander and hear how willing most people are to just give over their phone number. And of course, not just the store could be recording it, anybody within earshot could.
Most people do it to get a discount, or convenience of some sort such as a text when your food order is ready for pickup.
Many times, yes. But even places like great clips do it, and they're not giving discounts. At best, they might send you ads that give you coupons you could have gotten anyway.

Always worth remembering, in any case, that someone always registers <your-area-code>-867-5309. Use that to get discounts wherever, like Safeway. I remain a little surprised they didn't long ago put that number pattern on a blacklist.

Last two years, maany shops and malls started collecting names and phone numbers of visitors in the guise of COVID xontact tracking
But do people still put up with this? Here I haven't seen this for a long time.
What do they do with the number?
In the U.S., if it's a supermarket or a large chain store, they either sell it to other companies, or use it as a unique ID for your purchase history and customer profile. Sometimes both.

I'm not sure what a small-time tea stall would do.

When you install the app they steal your contact list and populate their database that way. Most people are unaware of this, or don't care since we are a third world country and privacy is seen as a first world problem. The vast majority of thinking here is not very sophisticated about these types of topics. Only a very tiny fraction of the total population is averse to sharing personal information like phone numbers. It's common to see folks post their tax ID numbers etc on public forums, tweets, etc. too.

For a number of years it was quite common for folks in the lowest income brackets to change their phone numbers quite often because of rampant competition between mobile network providers. The "Mobile Number Portability" system was eventually introduced that minimized this to a large degree. Eventually the competition subsided and this reduced significantly to a point where it's not very common anymore per my understanding.

When I need to use Trucaller I use it via their web interface exclusively with a google account that has 0 contacts for them to steal. I remember finding my number listed many years ago as my name with (web developer) in parenthesis, likely stolen from some old customer of mine.

My wife installed TrueCaller on her phone. She is technical but not a developer.

I asked if she knows they steal your contact list and spy on you and her answer was “so? It’s just phone numbers and names and they need to get the data somewhere as they are providing the service for free”

I live in a developed country and we have a high standard of living.

Giving this anecdote to illustrate many people genuinely don’t see TrueCaller’s spying as a big deal. This is unfortunate but it’s how things often are.

Honestly it's the same thing with the (well-educated) people who have their entire lives on the Google cloud and don't have an issue with the privacy practices of Facebook and Tiktok. They know the companies use their data and they don't mind or care - all they want are their free services.

To them features/functionality/cost is first, and privacy is an afterthought. I see this view in a lot of people nowadays.

We definitely need some scenarios where this kind of spying plays out badly for the user, so we can use them in arguments against these practices. Without examples, I can't blame users for calling these dangers hypothetical, really.
Perhaps too niche, but Bellingcat have used these sort of apps in the past to identify Russian officers
It's worth noting that Instagram does this too, under the guise of "Find Your Friends." When you sign up for a new account, they aggressively prompt you to sync your contacts list with the app, and will continually prompt you in the future if you choose not to. Nearly all of my friends have this enabled.

This is not a one-time sync, either. It will upload future new contacts and changes.

And, finally, if you manage to create a new account without a phone number, Instagram appears to flag your account for suspicious activity at some point and mandates that you do. They can then correspond your phone number with other users' contact lists to determine your identity. It can even suss out if you provided a Google Voice/VOIP number and require a "real" one instead.

https://help.instagram.com/195069860617299

Contact lists should be treated like PII and have laws and technical controls against sharing them without the permission of the contact. Incredibly difficult to do no doubt. But if people are ok to share their contact let them. Let others opt out.
> When you sign up for a new account, they aggressively prompt you to sync your contacts list with the app, and will continually prompt you in the future if you choose not to.

Even everyone's much-loved Signal does this. Contacts sync is presented as "not now" or "yes forever." The "not now" message even explicitly says they'll bug you again.

Are you sure? This page [1] says this is not the case

[1] https://support.signal.org/hc/en-us/articles/360007061452-Do...

No, they're still uploading the same data as they did before (last I looked into it, it was still enough data to rather easily reverse and get pretty good accuracy. if it wasn't accurate, it would have unacceptably many false-positives, so it's a necessary quality of the system).

Regardless of how you hash them, it needs to work on a phone, and it needs to be reasonably unique... so you can just enumerate literally every phone number ever on a decent computer in a few seconds and, if combined with basically any other information at all (like an area code), that's enough to figure out many or most contacts trivially.

The difference, which that article goes into, is that now they're going all-in on you also trusting Intel's SGX and thus every single thing in between you, them, their hardware delivery pipelines, etc. Which makes collecting that data completely ok (it's done securely now thanks to SGX!), because you should obviously trust Intel because CPU vendors have had such a fantastic track record in their on-chip security systems. (</sarcasm> in case that wasn't clear)

There's a lot to like about Signal's privacy, both in isolation and in comparison to other messengers. They're doing great work. But I have absolutely no idea why they persist in this data collection. Their bull-headedness on zero options around it for years on end smells more suspicious than anything else at this point tbh. About 3/4 of the people I've known who installed Signal immediately left forever because someone they knew contacted them to say "welcome" and they got super creeped out wondering how they knew they had joined. And then the contact-er frequently left too because they had no idea it wasn't consensual, and were creeped out as well.

Signal is worse, because when you sign up with a phone number, everyone that has your number in their address book gets a notification from Signal that you signed up.
They claim it is done without revealing these contact to signal.

Assuming they are telling the truth, why would you care that your contacts know you also use signal (like them)?

Facebook has done this periodically over the years as well. So I'm not surprised they ported that feature over or independently evolved to it on Instagram. I had caught on to the concept of breaking the social graph by using a virgin email and never putting in a phone number not even for 2-factor even once. But then there is a great risk that they flag you for "spam" within days or minutes!

Honestly, Apple needs to get in front of this on iOS just like they've done partially with Location data, Photos/Videos, and data brokering. They need to let you select shareable contacts. Kind of like the Circles that Google Wave had. Instead of letting apps force you into an all or nothing approach.

India has a huge problem with spam / robo callers. Also its common for individuals to have more than 1 phone number, see how popular dual sim phones are.

Also true caller adds security when you're from an under represented or a minority groups. I especially know women who use Truecaller to make sure they know who is calling / texting them from new numbers.

> India has a huge problem with spam / robo callers

That's everywhere, not just India.

I cannot speak about all other countries.
You’re playing coy, India is a source of a huge number of the worlds phone scams. With Brazil being the “most spammed.” As a slightly related caveat, with how frustrating the scammers are for me in the Us I can only imagine Brazil. Their phones must ring 24/7.
And do you think Truecaller has anything to do with that?
Probably not. But their job is to keep track of all of this, they’ve clearly made a healthy premium, so I do believe they have a part in both not preventing it at this time and helping to prevent some of it going forward. Not sure what that entails but I get a dozen calls a day and need someone to yell at.
Yes, but aren't we talking about which country is the target of the scams, not the source?
> see how popular dual sim phones are

Having multiple SIMs in India will go away, or at least become something only the rich have, it's only a matter of time. This is because having that second SIM is no longer cost-free.

Multiple SIMs in India were a side-effect of it being near-free to have a prepaid SIM to receive calls. This was subsidized by high calling charges (calling from one part of India to another was expensive) and even higher data prices.

Then Jio entered the market with a ground-up 4G network and said, this is BS. Calls and texts are free, with no reasonable limits. We'll only charge you for data, and we'll provide 1.5GB a day or more -- starting at INR 150 a month paid 3 months at a time. The party ended for a lot of operators at that point as they hemorrhaged customers. Most operators simply folded or merged until now there are only 3 private players and one non-serious state player.

Driven by pressure from Jio, the other two private players (Airtel and Vi, aka Vodafone) have decided to amp up monthly charges for pre-paid phones. Essentially, if you're not spending at least INR 120 a month they don't want you. India has number portability so it's not like you're held hostage or anything.

INR 120 sounds super low but it's not for a lot of Indians who earn salaries closer to India's median per-capita income, and also it's an extremely limited level of service, for actual use you need to pay more -- typically around INR 250 monthly for 1.5GB data per day (remember, most Indians don't have wired Internet so 1.5GB data per day is not excessive). Jio and its competitors have hiked prices substantially, of course.

The last refuge for people on limited budgets is the state-run telco, BSNL, but the government will sell it -- it's only a matter of time. Expect prices to spike again, then.

Anyway, multiple SIMs in India are increasingly less viable for ordinary people. It'll take a while for behaviour to change, but it'll change.

Coincidentally, the US is also down to 3 mobile networks.

I wonder what the percentiles is for number of networks in populous and large countries. Perhaps 3 networks is the number of maximum economically viable long term networks due to the enormously high cost of installing all the fiber and cell station infrastructure across the country.

Don't forget the carrier locking in the US, and the "Verizon phones" / "global phones" vs "ATT phones" with different LTE bands.
(comment deleted)
Another data point: Australia basically only has 3 nation-wide mobile networks.

They're broadly compatible from a handset perspective - sometimes there's better coverage for one or the other in some area or newer tech but for most day-to-day use you can get a SIM from any carrier and expect to be able to use it any (non-network-locked) device.

> Then Jio entered the market

If I am not mistaken some shell company bought the spectrum then Jio bought the shell company.

I’ve gone a few steps further and answered the “So?”. My wife thinks I’m a conspiracy nut even though I’ve provided proof of things that have happened. She thinks if it was that wide spread it would have been stopped already.

Fortunately we’ve agreed on not sharing kids pics and information on places like FB insta etc.

(comment deleted)
Not that someone cares, but in the EU she would be responsible for violating the GDPR. Many people don't know that they are responsible as private citizens.
Only true if she violates a national law. GDPR itself does not apply to private citizens.
GDPR does apply to private citizens. It does not apply to private citizens doing private things only eg with their phone.
I think a lot of that comes from the fact that phone numbers being private at all is not a universal consideration. My town still, every year, sends me a paper book full of every resident's address and landline telephone.
And here's where how something is used makes all the difference.

I have zero issues with my neighbors having my phone number. If I lived in a smallish place, extending that would be fine.

I have huge issues with spammers and con artists having it.

A locally distributed physical book works great for the first and, at the very least, makes the second work for it.

Online databases are basically made to order for the second, and are far more extensive than needed for the first.

It is just another example where adding automation and cheap storage actively makes a situation worse.

In my country the same physical book has been available online for decades.
It used to be that the phone company would annually throw a book on your porch with everyone in your town's name, phone and address. I can see how someone with that as a mental model for contact lists wouldn't see a problem.
I'm old enough to remember telephone directories. Phone companies would publish listings of name, phone numbers and addresses of everyone who had a phone.

Fun fact: Elector rolls are public record. Your address is already out in the open.

> Giving this anecdote to illustrate many people genuinely don’t see TrueCaller’s spying as a big deal.

That's because it makes no material difference to them.

me too! I'm glad it's no longer the case though personally, if you've ditched "land lines" (at least in Canada?)
This illustrates the reverse lookup problem with these services. You can take pains to use a Google account with zero contacts. That safeguards the information of your contacts. But Trucaller already has your information because they get it from other people who have added you in their contacts list, and who aren't as privacy conscious as you are.
I consider it a fair trade. I hand over my contacts and you tell me with high-confidence who the other person on the other end is.
Can you explain what it is that gives you the right to hand other people's personal information to another entity?

Especially as part of a commercial transaction to a for-profit company?

"Hey, Bob! I'm going to give some company your name, phone number, occupation, and whatever else I know about you stored in my contact list in exchange for a beer. Is that OK?"

Do you make someone sign a legal document when you give them your number detailing the uses and limitations of how they can share your number? No. You don't.

Once you give your info away it is not "your" info anymore. It is info about you, but you do not own it.

Is it rude? sure, but not illegal.

> Is it rude? sure, but not illegal.

Depends on the jurisdiction. Under the GDPR this might very well be illegal, though obviously enforcement of it is significantly lacking so it's unlikely to ever actually be tested in court.

Lots of things are amoral but not illegal. I also don't think anybody above you claimed it was illegal.
The issue here is that your contacts did not agree to you sharing their information with a third-party.
I don’t know. If you give me a soda, that soda becomes mine to do what I want. I can pour it on the ground, drink it, or give it to someone else. I feel the same way about ways to contact someone. With today’s technology, they can block people they don’t like but it’s not my job to be their gate-keeper.
The poor analogy, mild sociopathy view
Folks in India consider phone numbers as non-personal Info. They even write their phone no.s on social media profiles openly.

I started using TrueCaller some 8 years back and the biggest reason for me to use it was to prevent Robo callers/spams.

"When you install the app they steal your contact list and populate their database that way."

What if you avoid using the system default contacts store, i.e., keep it empty, and instead you use an app like OpenContacts.^1 To apps like TruCaller, it will appear the the user has no contacts.

1. https://f-droid.org/packages/opencontacts.open.com.openconta...

https://github.com/sultanhamer/opencontacts

I have two phones, one with a cell phone chip from a third world country, and one which is not.

Guess which one gets all the apps - It's definitely not the one that costs me over 100$/mo to maintain!

It doesn't matter that you have 0 contacts. They will still be able to map you through other people's contact list.
I'm fine with having my number listed. I don't want to be the person that includes some other individuals number to them.

I also want to minimize their information about my network.

> The vast majority of thinking here is not very sophisticated about these types of topics

Oh it's the classist "I'm smarter than the average person in my country" crowd again.

Why do you assume you know better? Perhaps they know what they're trading and perhaps it's worth the cost.

true caller's dumping of one's contact list is no different what facebook did (and does, though now does with a bit more transparency than in the app's earlier days)
true caller's dumping of one's contact list is no different what facebook did

I don't see anyone in this discussion saying that what Facebook did was OK.

Or is that the point that you're making? Because one person stole a car, it's OK for everyone else to steal cars, too?

no. I'm still pissed off at facebook for doing that, and I tried at one point to convince a class action firm that deals in privacy related things to take it up as a case. I'd like if people who are upset at truecaller for this, aim some of their ire at facebook.
oh boy. this is interesting.

back in 2011. i had "heard" about this. i had an iphone 3GS and an iphone 2G at the time. the 3GS had gotten ios5 if i remember correctly.

installing the app, it asked me very strangely to "allow truecaller to access your contacts". it took me a few moments to decide no. at the time, IOS had a "parental setting" to hide permissions behind a separate password, like location, contacts, payments, gallery, web, yada yada.

i learned that truecaller works on "you give your contacts and in exchange we give you a one way access to just search for numbers with names and not the other way around.

over time, it became ubiquitous, with people relying on it because "who saves a contact".

now its an obnoxious app that comes preinstalled on all cheap custom roms, shows full page ads every time it displays on screen after a call, it even shows up AFTER you have disabled screen overlays, i assume it gets preferential treatment by these rom makers,

this is the reason why i have never signed up to whatsapp or given facebook any contacts access or even 2fa ( old fb account, not logged in 3 years)

fuck truecaller

Advantage it brought to me is that I can know if caller is spam and ignore/block the call. TrueCaller added value there.
I just assume every call not from a contact is spam and let them go to voicemail. It's even a built-in feature of the phone. That's the world we seem to live in now, where the POTS network has been thoroughly corrupted by the mere existence of SIP.
Is true caller any different than an automated yellow pages?
If I give you my phone number, and you have True Caller installed and save my number to your contacts, I unknowingly and unconsensually also give my phone number to True Caller and essentially the entire world.
Aren’t yellow pages also adding everybody’s number without consent?

I didn’t grow up with them so I might be wrong.

It was the white pages but yes. That's why there is such a yawning gap between reality, where nobody gives a fuck if you know my phone number, and niche online privacy activism, where for some reason people care a lot.
It's done by your phone company and they're supposed to let you know and allow you to opt-out.
For one, yellow pages was centrally managed by the phone company you were a customer of, and opt-in (you may be thinking of the white pages for residential customers, which was opt-out). Also, the information in the white/yellow pages is curated and just the name provided by the customer. TrueCaller gets every tidbit of information that your contacts decide to use to annotate your number. Many people use more in the description than just your name.
Thanks for the explanation, I didn’t grow up in the west/US so we had no such thing or service. I just remember movies with big yellow books with contact or company information.

I would say most people would use contacts like “Joe Plumber” or “Maria Tinder”.

Truecaller is kind of a substitute for identifying spam calls where I grew up where there is no alternative. Also helps when someone is calling you and you want to avoid answering them.

Most people definitely don’t care that it’s taking all your contact info though the utility of the app is well worth it.

Yellow pages is a flat list. TrueCaller is a contact graph which is very strong proxy for social graph.
Indias privacy laws are truly lacking. I am surprised that the government hasn’t enacted any laws for this yet.

I have a number of stories for this. Indians are so used to this that sometimes people are shocked when I say no to sharing information that they request.

For example in a startup, the HR reached out on WhatsApp to all employees in a group and asked for certain documents and information etc.

About Truecaller: - It’s default opt in (with almost no way to opt out*)

- It requires access to your entire contact list - to mitigate this, I request Apple and Google to implement folders for contacts or something similar to how you can limit access to all photos on iOS per app. That way you can create an empty folder and share it with Truecaller

- It’s also impossible to change the wrong data that Truecaller somehow gets from some other contact list

My sibling recently got a new number and Truecaller assumed some other name and identity. Fellow Indians believe Truecaller more than they believe the person they are talking to (shows how much spam gets passed around)

This is NOT just TrueCaller. The same thing happens with Paytm and other payment apps.

Paytm for example assumed another identity and they requested us to submit multiple docs to prove our identity even though we never used the platform before. Even after multiple attempts and submitting multiple ids they refuse to change the data

In India, privacy is always secondary. I remember, last time I was at jewelry shop in Western MH, I had to provide PAN card or Aadhar card since purchase warranted this check. W/o even thinking, folks in my family forwarded those details on Whatsapp.
PAN Card - Tax identification

Aadhaar - “Universal” identifier. Needed for pretty much anything. Including, apparently, buying jewellery.

Is it like in El Salvador, where the Unique ID number is even needed to pay the $2 water bill?
So if you're a tourist you can't buy anything? Weird.

Spain has a similar thing for this, you have to give your NIE/DNIe number everywhere. Like when ordering something online. But not in brick and mortar shops.

Still I find it a very poor practice in terms of privacy.

Buying stuff through QR codes is very common in India now. You can pay for everything from groceries to street food using QR codes. It runs off the government-sponsored UPI standard. However, AFAIK you need an Indian bank account to be able to participate. It's quite a pain coming from abroad, and I just used cash instead. That does mean I have am prone to paying foreign withdrawal fees, but alas. It does work pretty well for the people of India though.
AFAIK you're only required to give these details when your total bill exceeds a certain amount (~50,000?) and it's largely because buying gold/jewelry is a vector of money laundering and tax avoidance. I don't buy jewelry but ran into this recently when my mother wanted some.
Yeah, I truly wonder when 80 percent of population surviving on less than 2-3 dollars a day why doesn't government just double down on privacy first leaving everything else aside.
Not sure why you are being sarcastic. Being poor doesn’t mean people don’t deserve privacy. In fact it can enable for more business opportunities.

Government doesn’t operate in series on an issue one by one. This is why you have so many ministries in the govt. Just because roads don’t exist doesn’t mean govt should stop building railways and only think of roads.

I believe that the point the sarcasm meant to address was that poorer people cannot afford to push back and prioritize their privacy the way that folks with more privilege can.
That's not the point though. Govt can sure enact/enforce tough laws. But poor people just don't care; for a few bucks they will happily part with their IDs and PII info. When demonetisation happened most of the ill-gotten currency made its way to the banking system through poor people's bank account.

In other words, privacy is a luxury that poor people can ill afford. Do poor deserve privacy? Absolutely. But it doesn't take much to get them part with their private data. They are stuck at the lowest level of Maslow hierarchy where as privacy is at least two level above them. Can government do something to protect their privacy? Probably, but I just can't see how it'll be successful when the citizens themselves don't care much about privacy.

makes sense, thanks for clarifying. I misunderstood GPs comment
I really like the idea to share a fake list. I think creating separate contact list folders is a bit much for the user, but adding a general permission grant option like "As if empty" or "Use placeholder" might be easier. An app requests my contacts? I can "grant" permission to an empty contacts list.

I think this idea generalizes to other permissions too. Want to know my location? I hit the "placeholder" button and the app gets some generic location that never changes. Valid data flows through, so the app can work, but not my private information.

An interesting side effect of these types of companies popped up during the Navalny team's investigation of Putin's alleged yacht in Italy. They got the ship's crew manifest and then used a database like TrueCaller to check it out. The manifest had the crewmember's name and a phone number - so when you look up the number associated with 'Alexander Pechurkin', other people have him listed as "Sanya FSB" "Alexander FSO" and "Alexander Graceful Procurement". [FSB = Russian security services, FSO ~= secret service, 'Graceful' = Putin's previous yacht]. Pretty interesting work history and descriptions for a Boatswain's mate in Italy.

https://youtu.be/WyYp9xPLa8s?t=423

These lists must be a gold mine for intelligence agencies.

Anyone can do this.

Ekata reverse phone is a plugin inside the twilio plugins directory (or whatever they are calling it this week).

I wrote a unix command named 'lookup' which takes a single argument (phone number) and spits out "associated people" in a nice yaml output:

            "is_commercial": false,
            "associated_people": [
              {
                "name": "Ms. Amanda Joy Lastname",
                "firstname": "Amanda",
                "middlename": "Joy",
                "lastname": "Lastname",
                "relation": "Household",
                "id": "Person.02884d55-980e-450c-a1e2-99999999999b"
              },
I haven't checked but I'll bet I could get API service (for a fee) from Ekata and query these person IDs they are using and then fill out a whole social graph.

It's a neat trick but other than confirming mobile=true and carrier:

    "carrier": {
      "mobile_country_code": "311",
      "mobile_network_code": "489",
      "name": "Verizon Wireless",
      "type": "mobile",
      "error_code": null

 ... I haven't found much use for it.
That is really cool! Is this something that's open sourced by any chance?
The best way to run truecaller is to install this app called 'Island'. This creates a new profile called work profile for you. Use a new google id for this work profile. Then install true caller inside island. I rarely use it but all I have to do is turn on the work profile, look up a number and then turn it back off.

I keep all crap apps in the work profile since there is a shortcut in the android drawer to turn it off and on in 1 click. I also assume it saves a bit of battery since these apps can't drain it while work profile is off.

Do you know if this works if I already have a legit work profile setup on my phone? Do you need to give Island administrator privileges on the device?
If you already have a work profile then Island will want to delete it first so I guess this won't work sorry
I find TrueCaller immensely useful. Especially to filter out and block spam callers. Spam calls and robocalls are a HUGE problem in India. TrueCaller flashes spam callers in red, you can reject the call and save a few precious minutes of your life. About half of the calls I receive a day are spam calls. If I were to answer them all and then reject it would be a waste of time and energy.
It's heartening to know that it isn't just Americans whose phones are overrun by Indian spam callers.
Most of these are not scammers trying to scare in the name of tax authorities or IT support scammers. They are mostly tele-callers trying to sell property, insurance, loans, credit cards and such. Nuisance nonetheless.
A cabinet minister (secretary in US administration) got a call like this out of the blue. That is when the India govt work up to the problem. Nothing was done so far though,
(comment deleted)
I used to use Truecaller, and it is useful, but it got gradually more and more obnoxious over the years, until eventually it would nag you about paid subscriptions whenever you opened the app, and throw up fullscreen ads whenever you received a phone call. So at that point I uninstalled it.
(comment deleted)
I think this shows limit of GDPR which maybe could be improved by making companies your data is shared with, seek authorization to treat those data directly, maybe let's say you sign up on $ocial network which share your data with mark€ting company, then maybe mark€ting has to send you an email to be authorized? So that Truecalled can get numbers from contacts list, but can't use them if not authorized?
Americans have avoided this problem by making the overwhelming majority of phone calls spam, so any call not from an existing contact is ignored.
I would love if that were the case, but I don't see how workable it is because caller id is spoofable, and people commonly need to pick up calls from local unknown numbers like doctors offices, mechanic, etc whose number you may not have(or who may call from a whole bank of numbers).

The best bet is to try to get a phone number from across the country. If you live in NY, get a phone number from a city you have no relation to, say Seattle. Then, anyone calling from Seattle is almost certainly spam and you can still pick up 212 or 646 numbers.

I did this by accident. Best bit of advice you can give, honestly. Most people don’t know that if you actually make friends with they guy/gal setting up your account (and not doing it online), you can literally choose your phone number. My phone number spells my (very popular) first name and is from an obscure part of the US. Any phone calls from there is spam. That being said, bots tend to use that prefix for spam, in general and for a few years there, I got a lot texts and calls: “missed call from this number, who dis” and “I don’t want your warranty” type of things. That was annoying.
(comment deleted)
Truecaller is massively popular in my country as well.

Before I knew any better, I was ignorant of the permissions and saw it as a worthy trade-off since my contact(s) will somehow end up there, if they weren't already. As all it takes is for someone else who has saved my number to download the app and give it permission.

Didn't give them much thought until I started seeing them buy advertisement spots in some of the local daily newspapers. They were getting greedy for more data. From that moment, I deleted my account and created a new account signed in only with a random Microsoft login and the app now lives in the work profile where there are no contacts.

The app will refuse to work until you grant it permission to make calls (read your IMEI pre-Android 10) and obviously read contacts permission. It is also quite intrusive. Coincidentally, the other app I found employing such dirty tactics by refusing to launch at all before being granted sensitive permissions is Whatsapp.

(comment deleted)
It is genius, really. Evil, but genius. Even just getting a reliable name for every number would be handy, I can see the value. But the killer feature is how much information your contacts leak in their description of you, so all of that can be correlated to build a more detailed picture of you.
I am sure someone can build a truly privacy respecting service like true caller and billion plus phone users in India would just sign up for it for something like Rs 100 a month or would they?

It is astounding that common person understands the tradeoff when using free service but these ignoramus critics do not.

Nobody really wants to pay for services, ever. We have trained them that everyone ought to be free. And the evil genius of truecaller is that you're not being asked to give up your own privacy, you are just giving up your friends'. And of course that comes right back around to you because if just one of your friends feels the same way, you're in the database too.
I am assuming it has plenty of cell spoofing tech in there too
Was home few days back. Someone needed PAN details from Papa, he shared PAN, Aadhar and all other documents with other person on WhatsApp; including things he didn't ask for.

People don't know privacy and not aware of misuses in India.

And phone number in India is not considered private info. We keep putting banner with number everywhere offline to online.

> Truecaller’s database that includes users who did not register and did not give consent to having their numbers identified.

That's the problem with maintaining absolute privacy. The privacy and security of your information depends on other people even if you do everything to save it.

Many in the comment section told that they are using TrueCaller to avoid spam/robot calls.

In my personal experience, I found that not creating a TrueCaller account itself avoids having spam calls. I tried this by getting a new number years ago. I do get some spams, but from some services that I am using/has used a few months ago, and they want me to get back in (looking at you, ACT fibernet).

Anyway, it's okay to not use such an app for blocking contacts, most modern smartphones has blocking functionality, and some Free/Libre apps has ways to block a number range and works offline without ads. They are more than sufficient for most of us, use them instead.

But as the article said, not having proper legislation is the root cause of this problem, from how many services running in India can you delete your account (not unsubscribe/delete app, but delete “account” with personal information) from? Yeah, think about it.

Truecaller was a royal PITA when it came to privacy until I figured out how to fuck with the system.

1. Anyone that has your phone number and Truecaller automatically gets you a name:phone_number entry in the Truecaller database. To get around this, I created a Truecaller account using my own phone number on a phone with zero contacts and gave myself a fake name(with my choice of subtle cuss words). This takes priority over other entries in the database. Am not sure if it works that way anymore.

2. Anytime I need to look up a number, I sign in using a dummy gmail account that I have.

There were a good few years where people looked up my number on Truecaller and it showed up a very obscene name that would shock em.

I hate Truecaller so much!