Facebook CEO Mark Zuckerberg listens to opening statements prior to testifying before a Senate Judiciary and Commerce Committees joint hearing regarding the company's use and protection of user data, on Capitol Hill in Washington, U.S., on April 10, 2018.REUTERS/Leah MillisSome of the most popular smartphone apps are uploading to Facebook highly personal information about their users, including their blood pressure and weight, what house listings they were looking at, and whether they were menstruating or pregnant, without users' explicit knowledge or consent, The Wall Street Journal reported Friday.
The Journal found that at least 11 apps were transferring such sensitive data to Facebook; they included Flo Health's Flo Period & Ovulation Tracker, Move's Realtor.com, and Instant Heart Rate: HR Monitor. All of the apps named by the Journal - and thousands of others besides - include code from Facebook that allow their developers to track how people are using them and use that information to target ads at them.
The apps are transferring data to Facebook regardless of whether the individual users log into the app via the social network or are even members of it, The Journal reported. None of them gave users an obvious way to block Facebook from getting their data, according to the story. Many of them didn't explicitly disclose to users what information they were sharing with Facebook, according to the report.The practices may put the developers and Facebook in trouble with regulators in the United States and Europe. Following The Journal's report, New York Gov. Andrew Cuomo reportedly ordered an investigation into apps sharing sensitive information with Facebook.
That may only be the start. The Federal Trade Commission has in the past cracked down on companies whose actual privacy practices differed significantly from what they disclosed to their users. Meanwhile, Europe's new General Data Protection Regulation typically requires companies to gain users' explicit consent before collecting or sharing their personal data.
The company is already under regulatory scrutiny after a series of mishaps that came to light last year, including the leak of records to Cambridge Analytica, the data firm linked to President Trump. The Journal's report comes as the company is reportedly negotiating with the FTC over the size of a fine related to that massive data leak.
Facebook's terms bar the sharing of sensitive data
Facebook's terms of service require developers that use its code to make clear what information they are sharing with the social network, company spokeswoman Nissa Anklesaria told Business Insider. They also bar app makers from sharing certain sensitive data with Facebook. Facebook looks for and deletes such data when the company finds it, she said.
But generally, the practice of apps sharing data with Facebook for the purpose of advertising to users is nothing unusual or untoward, Anklesaria said."Sharing information across apps on your iPhone or Android device is how mobile advertising works and is industry standard practice," she said.
Several of the developers mentioned in The Journal's report changed their privacy policies or data sharing practices after being contacted by the newspaper. For example, BetterMe, maker of BetterMe: Weight Loss Workouts, updated its privacy policy to make more explicit what information it shares with Facebook and why.