Prime Minister Benjamin Netanyahu’s Likud party uses personal information obtained from the Truecaller app to send voters personalized messages, although this is against the law, Haaretz has learned. Likud has denied the allegation.
As Israel inches toward yet another election, the different parties are bombarding the public with campaign messages, video clips and polls. They obtain citizens’ phone numbers from various data banks - from election management apps like Elector, into which political activists feed phone numbers, to number banks sold on the free market for half a shekel per number.
Nobody likes to receive a multitude of generic SMS messages and most people tend to ignore them. But if the sender seems to be reaching out to us personally, for example using our real names, they increase the chance of our opening and even clicking on their messages.
West Bank, Gaza Palestinians won't be voting in Israel's election - would they if they could?
Tal Schneider reported last week that Likud uses lists not only of phone numbers but also of the users’ names and even nicknames. This is information which could not have been obtained from the official voter registry (supplied to all the different parties) or even from a commercial data bank selling phone numbers in bulk.
So where does Likud get the information that allows them to match a phone number to a real name? From apps like Elector? From the Likud operated bots on Facebook or Instagram?
Looking into the matter we found that the source is the free and popular caller identity app Truecaller.
When you install Truecaller, it collects all the contacts on your phone and puts them into its own data bank, which consists of tens of thousands of people’s names and phone numbers, if not more. When the user receives a call from an unidentified number, Truecaller cross references the number with those in its data bank and in most cases enables the receiver to identify the caller.
This is an extremely convenient and useful app. However, its price in terms of privacy is very high – all the users’ contacts are exposed. This is a potential breach of privacy that exposes not only the users, but all their contacts as well, without their knowledge.
- Leaked voter info and illegal electioneering: Inside Netanyahu’s Election Day app
- Dear Israeli voters, your info is vulnerable
- App used by Netanyahu's Likud leaks Israel's entire voter registry
How do we know Likud got its list of names from Truecaller? All you have to do is open an account in the app and change your name in it. For example, one user changed their name to “God” on the app. The SMS they received soon after from Likud was addressed to “God.” And they weren't the only one, with others online posting screenshots showing how their new nicknames were now suddenly appearing in messages sent to them by the ruling party.
Is this practice legal? Cyberlaw attorney Jonathan Klinger says a party may not gather names and other details from open data banks without the agreement of the people whose details are listed there.
Also, it doesn’t matter how the information was obtained, because the privacy protection law requires people who gather personal information to make it clear for what purpose the information will be used for.
“If I provide information for a certain purpose, it’s forbidden to use it for any other purpose,” he says.
Haaretz asked for Likud’s comment to this statement:
We have received a report that Likud uses information it gathered from the Truecaller application in SMS’s to spread propaganda, although this is forbidden by law.
The Likud spokesperson responded that, “the statement is false.”