Clean CacheThere's been so many Facebook scandals in the past year that it's hard to keep track. But this latest one is certainly making the headlines.
Facebook has gotten its hands on sensitive personal data that phone owners have given to other apps due to a software tool that shares that data with the social network for ad targeting purposes, according to The Wall Street Journal. While we already knew apps outside of Facebook share data with the company, this new report claimed health and fitness apps are sharing everything from diet and exercise a user’s ovulation cycle.
Trying to get pregnant? Facebook might know that now. Apps like Flo Health, an ovulation tracker, and companies like Azumio Inc., which make popular heart rate trackers, use “App Events”, a Facebook tool to user-submitted data with the social network without explicit consent from the user. The data helps Facebook improve its ad-targeting tools that those same app developers use to reach existing and new users on Facebook.
In other words, Facebook can collect data submitted by users of a participating health app, match it to its own users, and better label them and target them for ads. The data is sometimes anonymized, but there are markers that allow Facebook to match it with its users. However, Facebook said it tells developers not to share "health, financial information or other categories of sensitive information" with it
The WSJ claimed it looked at 70 participating apps, most of which were popular iOS 11 apps, and noticed 11 of them shared date with Facebook without notifying users about the data-sharing tool in privacy policies or terms of service. Realtor.com, oddly, was named as one of the apps.
Facebook seems to be washing its hands clean of this scandal, telling the WSJ that developers must make it clear to users what data they're collection and sharing with Facebook, though consented that some of the reported information-sharing practices appear to violate its terms. Facebook will now make those apps stop sharing sensitive data and promises to be strict with developers if they don't follow through.
It also claimed it automatically deletes some data it receives, including social security numbers from banking and other financial-related apps.