Sometimes Facebook is not the one you should blame for privacy violations involving Facebook. For example, a Wall Street Journal survey found 1
It's about an analysis tool that Facebook offers developers called App Events. It is a plug-and-play SDK that helps developers set up custom traces of user activity that can be translated into ad targeting data. Facebook is not the only company that offers this type of tool, but according to the Wall Street Journal, it is implemented in thousands of apps.
To get an idea of how this SDK is used, Journal software is used to analyze the internet communication of over 70 apps. "Tests found at least 11 apps sent Facebook potentially sensitive information about how users behaved or actual data they entered," the report says. For some reason, the paper decided to just identify five of the apps by name. They are:
- Instant heart rate: HR Monitor – Transferred heart rate data.
- Flo Period & Ovulation Tracker – Shared when a user had his period.
- Realtor.com – Transferred placement and price of listings seen by a user.
- BetterMe: Weight Loss Workouts – Shared users' weight and heights.
- Meditation App Breethe – Shared users of email addresses used to log in to the app and the name of the meditations that the user completed.
Flo seems to be the most obvious personal example of sharing information that users may not be aware of, and the company's response to questions did not inspire confidence that they are taking the issue seriously. From the report:
Flo said in a written statement that it does not send "critical user data" and that the data it sends Facebook is "depersonalized" to keep it private and secure.
Journal testing, but showed that sensitive information was sent with a unique advertising identifier that can be matched with a device or profile. A Flemish woman eventually said that the company would "substantially limit" the use of external analysis systems while conducting a privacy audit.
Facebook did not respond to Gizmodo's request for comment, but told the journal that it tells developers that they should not share "health, financial information or other categories of sensitive information." The journal tested the top ten funding apps in Apple's US app store and found that no one seemed to share sensitive information with Facebook. However, health information such as periodic cycles, heart rates and body weight fluctuations were all divided into apps that were evaluated. Facebook said it would inform the challenging apps developers to stop transferring prohibited information, and if they continue to violate the rules, it may take further action.
Some of the developers quickly changed their guidelines after being contacted by the Journal, others did not respond.
In the world of Facebook-related scandals, this one stands as quite low on the rebel painter. But it again shows that you don't even have to be a Facebook user to find out that you have unknowingly handed data to the tech giant. It is also an important reminder that users should be cautious about sharing health information, especially at a time when insurance companies look for social media and data analysis to determine premiums.
We can also find out that abuse of Facebook's SDK is more prevalent than we understood. New York Governor Andrew Cuomo's office announced this afternoon that it is the leading financial services department and other government agencies to immediately open a survey of Facebook's practice with third parties.
[Wall Street Journal]