20 Android apps found sending sensitive data to Facebook
In a major surprise, as many as 20 Android apps have been caught sharing sensitive user information with Facebook. The apps, which include big names like Shazam, Spotify, Indeed and TripAdvisor, sent data to the social network without seeking permission of the users. The practice, flagged by a group named Privacy International, continued even when the users didn't have a Facebook account. Here's more.
How these apps shared data?
After analyzing 34 apps, Privacy International found that 20 of them shared data with Facebook without seeking user consent. This typically included analytics data from app launch (like the app's name and a unique Android ID), but in some cases, the information sent was overly broad. For instance, fare aggregator Kayak sent flight search data, including dates, destinations, and if kids would come along.
How the collected information could be used?
We all are aware of Facebook's data collection practices - the company collects data from Facebook and its products and uses that information to build profiles for targeted advertising. In this case, the information collected might not identify you, but the range of apps involved in this matter could give Facebook a pretty good idea about your interests, health, religion, routines, even gender.
Privacy International explains with an example
Explaining the case, Privacy International notes a person with "Qibla Connect (a Muslim prayer app), Period Tracker Clue, Indeed (a job search app), My Talking Tom (a children's' app), could be potentially profiled as likely female, likely Muslim, likely job seeker, likely parent."
Plus, parties involved in the matter could be fined
Collecting and sharing data (and that too sensitive information) is not just unethical but also illegal under the new GDPR regulations. According to the report, Facebook's developer kit didn't provide the option to seek permission until at least four weeks after the introduction of GDPR. Even after the update rolled out, the app still appears to be on the older version, the group noted.
Facebook's comment on the matter
Speaking on the matter, Facebook stated it was crucial for users to know when an app is sending data related to them and to have control over it. The company claimed it is working on a 'Clear History' tool to address such problems. In the meantime, it added users could turn off automatic data gathering and delay sending analytics reports to avoid the problem.