Technology, Top News

Popular Android apps have been reporting back to Facebook without your consent

A YEAR AGO, hearing that Android apps were gossiping about you to Facebook would have barely elicited a shrug. After a year of damage control which saw Facebook dealing with multiple data slips, leaked emails and a congressional summons, people are far less okay with Zuckerberg being a perpetual third wheel.

So a report from Privacy International is disappointing, even if it isn’t entirely surprising. After spot testing 34 popular (10-500 million users) Android apps, the group found that 23 of them were sending data over to Facebook without any kind of user consent – and even for those without a Facebook account. For good measure, the apps also included the user’s Google advertising ID just to really hammer home the creepiness.

The level of information shared varied from app to app, but special marks go to the Kayak travel booking app, which told on users every time they made a search. The time of the search, the departure and arrival city, the airport, the date, and the number of tickets searched for were all diligently sent over to Facebook for… reasons.

While individual apps probably can’t tell you that much about an individual (the link between Candy Crush addiction and being a simpleton is only correlative for now), connecting multiple apps really does begin to paint a full picture of someone. If a user was using Qibla Connect, Period Tracker Clue, Indeed and My Talking Tom – all apps tested by Privacy International – you could hazard a fair guess that the phone belonged to a job-seeking Muslim mother, for example.  

“Facebook offers analytics and advertising services to app developers, which help them receive aggregated information about how people engage with their apps — this is a common practice for many companies,” Facebook told Privacy International.

“We also wanted to note that many companies offer the types of services you cover in the report and, like Facebook, they also get information from the apps and sites that use them in a similar manner. Amazon, Google and Twitter all offer login features. Likewise, many of these companies, as well as others like Adobe, Flurry, and Mixpanel, provide analytics services for app developers. More generally, most websites and apps send the same information to multiple companies each time you visit them.”

There’s a slim chance you may find that reassuring. You most likely don’t, though.

On the bright side, at least one company has cleaned up its act in the wake of the report. Skyscanner told Privacy International: “Since receiving your letter, we released an update to our app as a priority which will stop the transmission of data via the Facebook SDK.”

Now Facebook will just have to figure out you’ve taken a flight by the airport check-ins and braggy photographs you upload when overseas. How ever will they cope? µ

Further reading

Source : Inquirer

Previous ArticleNext Article
Founder and Editor-in-Chief of 'Professional Hackers India'. Technology Evangelist, Security Analyst, Cyber Security Expert, PHP Developer and Part time hacker.

Send this to a friend