- Justin Bieber fans are damaging one of Iceland’s top tourist spots Sunday 1:28 PM
- James Charles drops 41-minute response video to Tati Westbrook’s accusations Sunday 1:15 PM
- Watch what happens when this Twitch streamer quits his job on camera Sunday 12:25 PM
- Men are finally sharing their abortion stories Sunday 10:58 AM
- Netflix’s ‘Maria’ is a trigger-happy B-movie Sunday 9:07 AM
- How to stream Money in the Bank 2019 for free Sunday 9:00 AM
- How to watch ‘Game of Thrones’ season 8, episode 6 for free Sunday 8:00 AM
- These ‘Game of Thrones’ houses are gone forever Sunday 7:54 AM
- The 10 best anime movies on Hulu Sunday 7:00 AM
- Vibe TV puts a premium price tag on piracy Sunday 6:00 AM
- Twitter unites in collective confusion over ‘Democrats for Trump’ trending Saturday 2:28 PM
- YouTube star tweets and deletes video of his Black cousin ‘Peanut’ acting as a stool Saturday 1:04 PM
- The ‘Do you wash your legs in the shower’ debate has now escalated to feet Saturday 12:20 PM
- Trump posts a world-class golf score, and the internet laughs at him Saturday 10:46 AM
- Lili Reinhart dragged the ‘Game of Thrones’ petition, sparking debate about TV and ‘fan service’ Saturday 9:42 AM
Report: Facebook collects app data on users’ body weight, menstrual cycles
Using analytics software called “App Events,” a Facebook product built into thousands of popular apps, the social media giant was able to gather personal data regardless if a user owned a Facebook account.
Per the Journal:
It is already known that many smartphone apps send information to Facebook about when users open them, and sometimes what they do inside. Previously unreported is how at least 11 popular apps, totaling tens of millions of downloads, have also been sharing sensitive data entered by users.
In one example, the Journal found that Instant Heart Rate: HR Monitor, the most popular heart-rate tool on the Apple App Store, “sent a user’s heart rate to Facebook immediately after it was recorded.”
Another popular app, Flo Health Inc.’s Flo Period & Ovulation Tracker, alerted the social media company when users were having their periods and when they were looking to get pregnant.
A third app developed by Realtor.com for finding real estate let Facebook know the price and location of any viewed listings.
When confronted about the data collection, Facebook stated to the Journal that some of the apps in question appeared to be violating its business terms by sending them sensitive information.
“We require app developers to be clear with their users about the information they are sharing with us,” a Facebook spokeswoman said.
Apple also reiterated its stance on data sharing after being pointed to the offending apps available in its App Store.
“When we hear of any developer violating these strict privacy terms and guidelines, we quickly investigate and, if necessary, take immediate action,” an Apple spokesperson said.
Google, which operates the Google Play app store, likewise stated that apps must inform users when sensitive data is shared with third parties.
In the case of the Flo Period & Ovulation Tracker app, the company has previously alleged that it does not share “information regarding your marked cycles, pregnancy, symptoms, notes and other information” if a user hasn’t given consent.
After being questioned by the Journal, Flo claimed that it doesn’t share “critical user data” and that any data sent to Facebook is “depersonalized.” After being told that its app was in fact sending sensitive information “with a unique advertising identifier that can be matched to a device or profile,” the company changed its tune. Flo now says it will “substantially limit” its reliance on Facebook’s App Events analytics tool while a privacy audit is conducted.
Although one U.S. company went as far as to announce plans to sever its ties with the Facebook tool altogether, the situation could be even more serious in the European Union, where data sharing practices are highly regulated.
Frederik J. Zuiderveen Borgesius, a law professor at Radboud University in the Netherlands, told the Journal that their findings could indicate a violation of E.U. law.
“For the sensitive data, companies basically always need consent—likely both the app developer and Facebook,” Borgesius said.
For now, it is unclear whether any government will take action. The Federal Trade Commission and Facebook, however, are reportedly negotiating over a multibillion-dollar fine in regards to the social media site’s previous privacy violations.
- Facebook let advertisers target users interested in infamous Nazis
- Scathing privacy report calls Facebook a ‘digital gangster’
- The Hatebook: Inside Facebook’s thriving subculture of racism
Mikael Thalen is a tech and security reporter based in Seattle, covering social media, data breaches, hackers, and more.