A telephone number that the principal considers private has, in most cases, been shared with a small number of trusted parties: the family, the office, the immediate professional circle, the providers that need it for verification. The principal's expectation is that the number remains held by those parties and is not given to others without their knowledge.

The expectation is, in modern conditions, optimistic. The number has been entered into the address book of each of the trusted parties. Each address book is, in many cases, synced to a cloud service. Each cloud service is, in many cases, accessed by other applications on the same device. Each application has, in many cases, asked for permission to read the address book and been granted it.

The result is that the number, originally shared with three people, is now held by the cloud services those three people use, the applications those services share data with, and the partners those applications work with. The same number that the principal believes is private has, in effect, been propagated through a chain of business arrangements that the principal had no knowledge of.

The number appears in the marketing databases of companies the principal has never heard of. It is matched, across services, against profiles that the principal did not know they had. It is, in many cases, a stronger identifier of the principal than their name, because it is unique.

The remedy here is not in most cases the change of number, which is disruptive and only delays the propagation. It is in the considered management of how the number is treated by the parties who hold it: which applications have access to the address books in which it sits, what permissions those applications have, and which contacts ought, by their importance, to be held outside the systems that propagate. The number that is shared with care travels less far than the number that is shared by default.