Some iOS Apps Sending an Alarming Amount of Data to Facebook and Most Users Are Unaware
It's no secret that Facebook is harvesting incredible amounts of data on all of its users (and some that don't even use the service), but what may come as a surprise is just how detailed and intimate some of that data is.
A report from The Wall Street Journal takes a look at some of the apps on iOS that provide data to Facebook, with that info then used for advertising purposes.
Instant Heart Rate: HR Monitor, for example, the most popular heart rate app on iOS, sent a user's heart rate to Facebook right after it was recorded in The Wall Street Journal's testing. Flo Period & Ovulation Tracker, which has 25 million active users, tells Facebook when a user is having a period or is intending to get pregnant.
Many of these apps are sending this data without "any prominent or specific disclosure," according to The Wall Street Journal's testing. Facebook collects data from apps even if no Facebook account is used to log in and even if the user isn't a member of Facebook.
Apps are sharing this data to take advantage of Facebook analytics tools that allow them to target their users more precisely with Facebook ads.
Apple does not require apps to disclose all of the partners that they share data with, and while certain personal information can be blocked, like contacts or location, more sensitive data, like health and fitness details, can be readily shared by these apps as there's no option to turn off this kind of data sharing.
Users can turn off Facebook's targeted advertising, but have no way to prevent apps from surreptitiously sending collected data to Facebook in the first place.
Facebook claimed that some of the data sharing The Wall Street Journal uncovered violates its business terms, and has asked these apps to stop sending information app users would consider sensitive.
The Wall Street Journal spoke to an Apple spokesperson, who said its App Store Guidelines require apps to obtain user consent for collecting data.
"When we hear of any developer violating these strict privacy terms and guidelines, we quickly investigate and, if necessary, take immediate action," the company said.
At least 11 out of the 70 apps tested by The Wall Street Journal were sending sensitive user data to Facebook, including six of the top 15 health and fitness apps. There's little end users can do, except for be wary of the apps they're choosing to download. Apple in the future could introduce more stringent guidelines and policy controls that would better put a stop to this kind of intrusive data harvesting.
The Wall Street Journal's full report, which is well worth reading, offers more detail on how it tested these apps and how some of the apps responded.