Major Android apps are still sending data to Facebook without your consent
If you thought your data was safe from Facebook because you don't have a profile on the platform, think again. A new report by Privacy International has found that multiple major Android apps still share your personal data with the social media network without your consent.
The first study conducted by Privacy International in 2018, found that at least 61% of apps automatically transfer data to Facebook the moment an app is opened. This happens even if you haven't registered on Facebook or are logged out of the platform. Some of the information passed along to the social media network was also found to be 'incredibly detailed and sometimes sensitive'.
This is possible thanks to the Facebook Software Development Kit (SDK). It is a "Facebook business product that apps integrate into their code. It is designed to automatically transmit personal data to Facebook the moment a user opens the app."
Since the release of their findings, Privacy International has retested multiple apps. Their latest findings show that many have amended their behavior. Spotify, Skyscanner and KAYAK, for example, have updated their applications so they no longer communicate without Facebook when opened. However, that's not the case for some major Android apps with millions of users.
According to Privacy International, Duolingo, a language learning app that currently has more than 100 million downloads on Google Play, still exhibits this behavior. The same goes for job searching app Indeed, Yelp's Android app and more. Why is this a problem? The study states that the data is sent with a unique identifier, making it easy to paint a solid picture of the person's interests, activities and so on. It not only violates users' privacy, but gives Facebook an "extraordinary insight into a large share of the app ecosystem", providing them with competitive advantages.
This has led Privacy International to contact the European Data Protection Board and the European Data Protection Supervisor, requesting that both consider their findings and the legal issues raised. They have also contacted Facebook itself, urging them to change the Facebook Software Developer Kit.
What do you think of Privacy International's findings? Are you surprised your data can still be shared with Facebook even if you don't have an account? Let us know in the comments.
Source: Privacy International
This is very disappointing.
Well, most of my apps are paid apps without and advertisements. In fact I don't have a single app which show advertisements. I use Brave browser, which blocks advertisements and trackers, with Android Pit whitelisted because I love Android Pit.
Thanks for this - after a little digging I've bookmarked the "Documentation" page with the list of apps to check later. I'd guess app developers are monetizing by selling this data to Facebook, etc. or they wouldn't add the SDK. I think Android should be addressing this with a Permissions notification in the Play Store and a system Settings check off for Third Party Tracking and/or providing a "Do Not Track" choice at app installation.
I've been using a third-party system-wide ad blocker for some years that eliminates most (not all) idiot cartoon banners and pop-ups in apps, by faking my device's DNS at app launch, through a minimal VPN - I wonder if those blockers also foil the reporting to Facebook, etc. in the same way. Again, the blockers have been disallowed by the Play Store, and ought to be let back in. The Play Store permits browsers with website ad block but then bans utilities for in app ad blocking.