Sarahah lets its users comment on others anonymously but it doesn't reveal the name and neither does the app allow users to reply to a comment. But what is troublesome is the app is collecting something it doesn't even need. Interestingly, the app was doing the same for the devices running on iOS. After Intercept pointed out the behaviour, he stated "the data request will be removed on next update" and that Sarahah's servers now don't host contacts.
With privacy concerns on the rise, such information is certainly causing a negative effect for the app. The app stands accused of uploading emails and phone numbers from user address books to its servers.
When this news was reported by The Intercept, Zain al-Abidin Tawfiq responded by tweeting that the contact lists were being uploaded "for a planned "find your friends" feature". Julian reportedly found that the same occurs on iPhone, and that the app will also re-download all of your contacts if you haven't accessed it on your phone in some time. However, you can still refuse to give the permission and yet continue to use the app. Things get murky especially since the app doesn't offer any feature that would require access to your contacts. Apparently, the app is uploading users' phone numbers and email addresses in the address book to the company's servers, which was spotted by Zachary Julian, a senior security analyst at Bishop Fox when he installed the app on his Android smartphone, a Galaxy S5 running Android 5.1.1. According to him, the app transmits all of your email and phone contacts stored on the Android operating system. If Sarahah did ever begin showing which of your contacts are on its network, as advertised, this would lead to a new problem-it would make it far easier to deduce who is sending messages.
For those who have installed Sarahah but no longer wish to share their data, head over to settings apps and select the app. The site does not ask for permissions to access contacts from any of your address books.