PSA, if someone asks you for contact info (e.g. a phone number) of someone you know, the correct response is "I can't give that to you, but I can give them yours".
It's efficient and adds no round-trips, it's privacy friendly, it's non-awkward and it's social engineering resistant. It's a universally good rule.
And the corollary, of course: Don't ask someone for another person's contact info - ask them to pass on yours.
@ada Yupp. I don't have a problem with that policy. I find the "pass on the asker's info" option preferable myself, though.
I advocate for it, because I feel it's lesser known and I think sometimes people give out info just for convenience because they don't want the extra hassle. So I want them to be aware of a hassle-free, privacy-friendly option.
were this better established and respected, "Give ThisApplication access to Contacts" would never have gotten off the ground.
Yet here we are, where it's industrialized, personal data strip-mining, matter-of-course.
@Bobo_PK Adds a round trip, though. Especially with async communication, that can be cumbersome. It's a tradeoff.
Both options are fine, you can always let the people asking for the contact decide which they prefer.
@the5thColumnist Sure, it's a bit opaque.
Let's say I'm a scammer and I'm texting you "hey I'm Mary's aunt, her mom died and I urgently need to reach Mary. I got your info from X, can you give me her number?"
If you instead pass their number to Mary, the contact can still happen, but Mary might also react with "huh, I'm having tea with my mom right now".
(I mean, it's an off-the-cuff example and a bit stupid, but something like that happening motivated my toot)
The canonical example of social engineering is calling the CEO's executive secretary and saying, "Hi, I'm from the IT department doing important IT things. What's the CEO's email password?"
This is why the doctrine of never giving out someone else's information that one might have in one's keeping hardens one against social engineering attacks.
@the5thColumnist It's well established in a security context. That there is a second usage that is also common doesn't make it "wrong".
@Merovius I've always done that & it's not just privacy but for some could even be a safety hazard if the person is in an at-risk group.
That said, I've had to change my mobile number in the past after someone at work gave a customer my number without my permission & I ended up having work calls at 2am
Or, that's how my best friends and I do this if (and only IF this is the case!)
We know that the other person and the friend had regular contact:
We have anonymous mails.
So we give this mail to those people
And (!) tell each other about this asap.
I think that's a good way.
And there's one very strong argument for our way, I think: there is no need for the third person to give contact info to us.
@Merovius also handing over someone elses contact details without their explicit permission is literally anfelony in #Germany as it violates #GDPR & #BDSG...
#NotLegalAdvice but this is why I can't and won't use #WhatsApp, #Signal, #Telegram or any other #SingleVendor / #SingleProvider #Messenger: They steal data AND have unacceptable ToS!
@ColinTheMathmo @kkarhan @Merovius
You can use these apps without giving them permission to access your contacts. At least in iOS you can.
@Merovius I avoid giving out my smartphone number- or even my email address- because of extreme and chronic social anxiety/stranger danger resulting from some horrible stuff I went through in my formative years, but even if I hadn't I would still feel uncomfortable doing so, and more uncomfortable than I do refusing to give private contact details out to others.
I definitely don't share the private contact details of people I know with another person if I'm asked, at least without permission.
Those who've used the internet most of their life should already know this.
There is an age gap for this to be understood. Before the internet that was how you shared contacts personally, not professionally.
Anyone under 40 should know better.
@Merovius I grew up in a time where you could buy a big book with everyone's contact data in your city.
Unimaginable how anyone survived that without their brains exploding.
@Merovius I do that when people ask me for contact info of folks that used to be on a MU* I ran. I offer to contact the person saying "Hey, ____ wants to reach you, here's their E-mail."
Works great, doesn't betray trust.
@Merovius An alternative would be to ask the other (C) if you (B) might pass their contact to her (A) .
The problem I see in your approach is that it is more unlikely that C will contact A, since they have not the same motivation as A has to contact C. Say there is a grave strictly confidental/personal information A has for C. A might not be able to disclose to B even that this is the case.
On the other hand B could show courtesy to A by asking C about As desire to contact her. And I see no reason why C should feel offended by being asked from A.
Just a thought. Maybe I miss the main point.
@rjf_berger The lowered likelihood of C contacting A is not a bug, it's a feature. That's what consent is all about.
As for the rest, yes. That is a possibility. It has its own set of downsides. The most important to me is, that it requires synchronous conversation between A, B *and* C - or creates delays. And that hassle is - I suspect - a major reason why so many people just default to give out the number.
Passing A's number to C is asynchronous and B's participation is immediately done.
Bizarro!Torah
Merovius
Olav
Miausitzbeauftragte Aada 
Guy on the run
europlus 
like jam or bootlaces
Bobo_PK 🦄
rick
🍵
Richard W. Woodley ELBOWS UP 🇨🇦🌹🚴♂️📷 🗺️
Siderea, Sibylla Bostoniensis
Brad Grzesiak 🦆
Jo Tamar
Ulrike
MostlyTato
Lynn Grant
Peter Mount
Mori
noodle
Wawuschel, toxic JägerJägerin
Evi SnowMew
Kevin Karhan 
Colin the Mathmo
Brendan OhUiginn
Wouter 🛰️
Pixy (old)
verb (printfJess) 🦄
Twopaw
mushroom 🍄
tusooa 
西风 
Cainmark Does Not Comply 🚲
polprog | gorplop
Reina 
cheetah_spottycat
Josh Bruce
Ajax B. Coriander
Zorin =^o.o^=
Daphne🏳️⚧️
ChristieLee
Irenes (many)
rjf_berger