A trio of privacy earthquakes shook Facebooklandia on Friday.
TL;DR: It turns out that…
- Eleven third-party apps are sharing our sensitive data with Facebook. Don’t want the network to know when you menstruate? The purchase price for that house you ogled? Tough. News about the oversharing came from the Wall Street Journal [paywalled] on Friday, and as a result…
- New York’s governor called on two state agencies to investigate this “secret” sharing of health and financial data, which apparently violates Facebook’s own policies, and which is reportedly done to both non-Facebook users and non-logged-in users, without much by way of explicit user consent. Meanwhile…
- 60 pages of un-redacted legal documents from a lawsuit between Facebook and app developer Six4Three were anonymously posted on GitHub. The documents haven’t been independently confirmed, The Guardian reports, but Facebook hasn’t denied their authenticity. The internal emails reveal that Facebook planned to spy on Android users and that Facebook itself had what it called a near-fatal brush with a data privacy breach when a third-party app came close to disclosing its financial results ahead of schedule.
To get to the bottom of the WSJ’s findings about the blabby apps, New York Governor Andrew Cuomo said that he’s putting multiple agencies to work on the matter. If the WSJ’s investigation proves to be accurate, and if those freshly leaked internal emails from Six4Three prove authentic, it’s going to paint an even uglier picture of Facebook post-Cambridge Analytica, governmental
investigations and fines … when one might have reasonably assumed that the company would have been backed up its protestations about data-bumbling third-party apps breaching its policies with at least a semblance of reining them in. In the meantime, a few more details about this batch of fresh Facebook news:
On Friday, the WSJ reported that iOS and Android apps are disgorging some of the personal health- and finance-related data of millions of users. From its report: Millions of smartphone users confess their most intimate secrets to apps, including when they want to work on their belly fat or the price of the house they checked out last weekend. Other apps know users’ body weight, blood pressure, menstrual cycles or pregnancy status. In other words, personal data that users wouldn’t necessarily want to share with Facebook. Nonetheless, the WSJ said, tests showed that Facebook’s software collects data from numerous apps within seconds of it being entered by the user, with no sign of a prominent or specific disclosure by the app. This is the case even when a user hadn’t logged into Facebook for authentication, or even if a user didn’t have a Facebook account to begin with.
