Health Apps Caught Sharing Personal Data With Facebook
If you’re one of those sitting back and laughing about how silly your friends have been to sign up for Facebook and trust it with their data, you may not be out of the woods. The Wall Street Journal has found that a number of popular health apps share personal and health data with Facebook. More specifically, they store that information on Facebook’s systems as part of using it in conjunction with the Facebook Analytics platform. Since the data typically also includes a unique advertising ID, it means Facebook might well know about you even if you’ve never registered for an account.
11 Health and General Interest Apps Outed
The WSJ found that 11 of the 70 iOS apps it tested shared personal or health data with Facebook’s servers via Facebooks Analytics. For example, Instant Heart Rate: HR Monitor (one of the most popular heart rate monitoring apps) sent users’ heart rate data to Facebook. Flo Period & Ovulation Tracker shared when a user was having her period. Not all the personal data was related to health. Realtor.com sends Facebook the location and price of listings a user views. The data is shared by creating a Custom Event using the Facebook Analytics SDK, and then using it to send non-standard types of user information.
There is no reason to believe that the issue is unique to iOS. However, the WSJ’s software wasn’t able to perform a similar test on Android. It’s also possible the issue isn’t confined to Facebook’s Analytics platform but might exist with other popular analytics offerings.
This Is Data Facebook Probably Wishes It Never Got
To Facebook’s credit, the Terms of Service that accompany its Analytics platform specifically say that “health, financial information or other categories of sensitive information” should not be sent. And Facebook has said that it hasn’t made other use of this type of data (although it does use Analytics data to allow app vendors to target their users with particular types of ads, and to conduct market research). But, as with so many other Facebook disclosures, there doesn’t seem to be any auditing or enforcement of that policy.
Expect a Band-Aid, but Don’t Hold Your Breath for a Real Fix
The outed health app companies are already re-thinking their data policies, and I’m sure Facebook is looking at other potential violators of its TOS. So I expect a fairly quick clean up of this specific issue of health data sharing by apps — at least without very-explicit permission. However, the attention economy is so heavily dependent on the monetizing of user data, that I don’t think it’s likely that the underlying problem of apps silently sharing data with outside vendors like analytics providers is going to get fixed by the companies involved. It is yet another area where any solution is likely to require additional regulation of the handling of user data.
Continue reading
A File Sharing App With 1 Billion Downloads Has a Major Security Flaw
Trend Micro says SHAREit is a security nightmare that could allow intruders to sneak a peek at your data or even install malware. Perhaps most troublingly, the developers have not responded to Trend Micro's warnings.
Meta Threatens to Pull Instagram and Facebook Out of Europe Over Data Sharing Ruling
Meta has told the EU if it can't do ad targeting, it might as well just call it a day.
Netflix Ads and Password Sharing Fees Could Arrive This Year
In a notice sent to employees, Netflix management said they were aiming to have an ad-supported tier ready for sign-ups by the fourth quarter of 2022.
How to Create Your Own Private Photo Sharing Cloud
If you want to be able to get at your photos from anywhere, and share them with others, without the cost or potential privacy issues of keeping them in a public cloud, here are some ways to DIY your own private photo sharing cloud.