Report: Apps send sensitive data from users to Facebook
Several phone apps are sending sensitive user data, including health information, to Facebook without users’ consent, according to a report by The Wall Street Journal.
An analytics tool called “App Events” allows app developers to record user activity and report it back to Facebook, even if the user isn’t on Facebook, according to the report.
One example detailed by the Journal shows how a woman would track her period and ovulation using an app from Flo Health. After she enters when she last had her period, Face- book software in the app would send along data such as whether the user may be ovulating. The Journal’s testing found that the data was sent with an advertising ID that can be matched to a device or profile.
Although Facebook’s terms instruct app developers not to send such sensitive information, Facebook appeared to be accepting such data without telling the developers to stop. Developers are able to use such data to target their own users while on Facebook.
Facebook said in a statement that it requires apps to tell users what information is shared with Facebook and it “prohibits app developers from send- ing us sensitive data.” The company said it works to remove information that developers should not have sent to Facebook.
The development comes as Facebook is dealing with increased scrutiny over how it handles user data. Last week, British lawmakers issued a scathing report calling for tougher privacy rules for tech firms.
Criticisms over privacy intensified nearly a year ago following revelations that the now-defunct Cambridge Analytica data-mining firm accessed data on some 87 million Facebook users without their consent.
A Wall Street Journal report says health information is among the sensitive data being sent.