The British company Privacy International revealed on Sunday at 35 Chaos Communication Congress how app developers deliver data to Facebook, even if users are not Facebook users.
The company conducted a study on the subject, with tests on 34 applications Android that have between 10 and 500 million users, and says it is "particularly concerned" about how user data is being "exploited" in the back-end systems of Facebook and Google.
Privacy International found that 23 of the apps tested sent data to Facebook (data that tells the social network that a user opened or closed a specific app along with information about the device, language and time zone settings). The apps also sent the user's Google advertising ID, which allows companies monitorings to easily match user profiles.
In fact, by specifically processing the travel app Kayak, researchers discovered that it was delivering data to Facebook with every search within the application: search time, city of departure and arrival, airport and date, number and category of tickets.
Privacy International pointed out that this behavior was repeated regardless of whether the user had disconnected from Facebook or had no social networking account.
"Facebook offers analytics and advertising services to application developers, which help them get centralized information on how people handle their applications, which is a common practice for many companies," Facebook said in a privacy statement. International.
Facebook also pointed to the Clear History feature, which was first announced in May duration of the scandal Cambridge Analytica, as a means of handling complaints from Privacy International.
Privacy International also looked at how Facebook's policies compare to the GDPR requirements of Europe and the plan to minimize data.
However, with applications transferring data to Facebook before the user can use the application, Privacy International said there are many questions about whether there is any legal basis for data transfer.
"The fact that the default SDK application automatically transmits data when an application opens and that it released a feature to delay this transmission in July of 2018 (meaning Clear History) raises questions about Facebook's liability to developers as and the company's compliance with data protection, ”Privacy International said.
It is difficult to protect yourself from the kind of data exchange we have described in this survey.
Let's recall that last month, Facebook once again found itself exposing its users' data when it revealed a error in one of its APIs, it exposed private photos of about 6,8 million users.
In October, we passed social network announced that unknowns had combined three bugs to access million token IDs of 30 token.
______________________
- Facebook: we have the social network we deserve
- See how much time you spend on Facebook
- Facebook download the videos you care about
