- A new collection of apps has been exposed to send sensitive user data to Facebook.
- This data transfer occurs regardless of whether the user has an active Facebook profile or not.
- At the end of February, an exposé from Wall Street Journal informed how several high-profile iOS apps shared sensitive data from their users with Facebook. Although these users did not have Facebook profiles, Facebook still got the information.
Now, some new research carried out by Privacy International (via The Verge ) shows that other Android and iOS apps are engaged in this exercise as well, two of which are household names: consumer reviews website Yelp and language learning programs Duolingo.
Privacy International also found that the popular job search application really engages in this exercise along with two Muslim prayer apps and a Bible app.
As with previous exposé, Privacy International shows that just withdrawing from Facebook does not necessarily mean that Facebook does not get data related to yo your habits.
This quotation from Privacy International article fully summarizes the situation with seriousness:
This is hugely problematic, not only for integrity but also for competition. The data that apps send to Facebook usually contains information like the fact that a particular app, like a Muslim prayer, was opened or closed. It sounds pretty basic, but it’s not. As the data is sent with a unique identifier, a user’s Google advertising ID, it would be easy to link that data to a profile and paint a fine-grained image of someone’s interests, identities, and daily routines.
To Facebook’s credit, many of these examples of apps that share user data are not Facebook’s errors, at least not directly. In some cases, the app developers send data to Facebook because Facebook’s tools to investigate data may be better than other systems. The fact that Facebook can now access these tasks is just a side effect of this process.
Facebook claims that onus is on app developer – not Facebook – to ensure that sensitive data is properly collected and used legally even though this information is now available for Facebook’s use.
Regardless, it does not make the practice less worrying from the privacy point of view, as it should generally be individual to choose which companies have access to sensitive data about that person. It seems like it’s just not the case with many different apps.
NEXT: Long awaited Facebook “clear history” tool that comes sometime in 2019