Add crowdsourced spam blocking repo to the NextCloud contacts manager

NextCloud has a pretty decent contacts manager app straight out of the box. But I was thinking of a feature which might be worth thinking about adding and would give additional unique value to NC over other cloud platforms.

My phone number is on the internet, and I get something like 3 or 4 calls a day from spam messages, scammers, or just robocallers who call every number in the book and then listen for noise on the other end to check and see if the person who owns that number is still picking it up.

Because of this, I have had to install an app on my phone called [“ShowCaller”].

ShowCaller is a phone call and contact manager. When someone calls you it shows you a little popup and if the person has been flagged by the community as spam, it will show that, and if enough people have tagged a number as spam then it will be auto blocked.

I haven’t switched to NC for my contacts in part because the google contact manager is so useful for keeping my phone stuff in sync. But ShowCaller requires a subscription and it’s close sourced and opaque on how they deal with privacy.

Privacy is a tricky subject with this idea I’m proposing because privacy is a concern on multiple dimensions.

Kodi has a thing called “repo subscriptions” where you can subscribe to a repo location and get updates from it. This kind of approach could perhaps be used to deal with the privacy issues. [Blokda] is a VPN based ad blocker app for Android that uses a similar “blacklist” subscription to distribute known IPs for ad companies and is also a possible model for this. Here’s some possible combinations and ranges of privacy that one could consider.

High personal privacy, high public privacy:

You host a private repo on your own machine. You can name your contacts, keep them in sync, but also flag people as spam who from then on get autoblocked. You are the only person who accesses this repo.

Medium high user privacy, medium public privacy
You host a private repo on your own machine. Authorized users can access the repo and contribute whatever information they so choose to share. Some of that information might be flagging numbers as spam which then other subscribers of the repos will see as flagged on their devices.

Medium low user privacy, low public privacy:

The user does not themselves host the repo, instead they subscribe to it on some else’s server. Information from their contacts is added to the collective crowdsourced database which is available for subscription by any user with a compatible NC instance etc.

The idea of enabling the distribution of people’s contact information is… difficult, but I think it might also be possible within the context of the security and privacy minded structure of NC, in that right now, anyone of us could go out and post our contact list as a text file on pastebin, and providing either selective opt-in or a full on toggle to send that into to a private repo, a repo shared with authorized users/friends, or a fully public repo at least allows that process to work in the context of informed consent rather than in the opaque closed source world of apps like ShowCaller. Additionally, it seems to me that in some ways allowing people to use block lists like this has in effect the ability to enhance people’s privacy, in that it allows people to proactively cut off their own personal information from use to harass them (such as when people have used things like [Twitter Blocklist] to reduce the intrusion of advertisers or trolls in their use of twitter)

I know this idea might be controversial and I think it’s worthwhile having a discussion of the privacy concerns it might raise, but I also think it could be extremely useful if the NC contact list not only allowed me to sync my contact information, but also allowed me to sync with my friend’s contact information, my company’s contact information, and that these syncing/tagging could even be used by other apps to perform automated functions such as blocking etc.