Health Apps Caught Sharing Personal Data With Facebook
If you’re one of those sitting back and laughing about how silly your friends have been to sign up for Facebook and trust it with their data, you may not be out of the woods. The Wall Street Journal has found that a number of popular health apps share personal and health data with Facebook. More specifically, they store that information on Facebook’s systems as part of using it in conjunction with the Facebook Analytics platform. Since the data typically also includes a unique advertising ID, it means Facebook might well know about you even if you’ve never registered for an account.
11 Health and General Interest Apps Outed
The WSJ found that 11 of the 70 iOS apps it tested shared personal or health data with Facebook’s servers via Facebooks Analytics. For example, Instant Heart Rate: HR Monitor (one of the most popular heart rate monitoring apps) sent users’ heart rate data to Facebook. Flo Period & Ovulation Tracker shared when a user was having her period. Not all the personal data was related to health. Realtor.com sends Facebook the location and price of listings a user views. The data is shared by creating a Custom Event using the Facebook Analytics SDK, and then using it to send non-standard types of user information.
There is no reason to believe that the issue is unique to iOS. However, the WSJ’s software wasn’t able to perform a similar test on Android. It’s also possible the issue isn’t confined to Facebook’s Analytics platform but might exist with other popular analytics offerings.
This Is Data Facebook Probably Wishes It Never Got
To Facebook’s credit, the Terms of Service that accompany its Analytics platform specifically say that “health, financial information or other categories of sensitive information” should not be sent. And Facebook has said that it hasn’t made other use of this type of data (although it does use Analytics data to allow app vendors to target their users with particular types of ads, and to conduct market research). But, as with so many other Facebook disclosures, there doesn’t seem to be any auditing or enforcement of that policy.
Expect a Band-Aid, but Don’t Hold Your Breath for a Real Fix
The outed health app companies are already re-thinking their data policies, and I’m sure Facebook is looking at other potential violators of its TOS. So I expect a fairly quick clean up of this specific issue of health data sharing by apps — at least without very-explicit permission. However, the attention economy is so heavily dependent on the monetizing of user data, that I don’t think it’s likely that the underlying problem of apps silently sharing data with outside vendors like analytics providers is going to get fixed by the companies involved. It is yet another area where any solution is likely to require additional regulation of the handling of user data.
Continue reading
OnePlus Caught Manipulating Smartphone Performance Benchmarks
Despite having ample power, the OnePlus 9 is aggressively throttling performance for most apps while allowing benchmarks full power. As a result, its phones have been pulled from the Geekbench charts.
Western Digital Caught Bait-and-Switching Customers With Slow SSDs
Western Digital is the latest company caught bait-and-switching its customers with lousy SSD speeds. In other news, Samsung and Intel don't appear to be trying to cheat customers this way, while Crucial and Adata apparently are.
Samsung Is the Latest SSD Manufacturer Caught Cheating Its Customers
Samsung has joined the ranks of companies found shipping faster SSDs to reviewers than to consumers without telling anyone about it.
Family Safety App Life360 Caught Selling User Location Data
Keeping track of your family now comes with an unexpected price: handing over your location data to Amazon and the US Military.