How Facebook’s App Events is Revealing Your Data

Facebook is in hot water again, but this time for secretly retrieving personal information through App Events, while users had little to no indication about it. But this time, Facebook might not be entirely to blame.

At least 11 well-known health apps are reportedly revealing people’s sensitive data with Facebook. Even users who don’t have an account on the social network are having their private information shared.

Last Friday, the Wall Street Journal announced the shocking news,

“Millions of smartphone users confess their most intimate secrets to apps, including when they want to work on their belly fat or the price of the house they checked out last weekend. Other apps know users’ body weight, blood pressure, menstrual cycles or pregnancy status.”App Events

Apps who have been sharing their user’s personal data include:

  • – Flo Period
  • – Ovulation Tracker
  • – BetterMe: Weight Loss Workouts
  • – Breethe
  • – Instant Heart Rate: HR Monitor

The apps that are sharing sensitive data use a Facebook-provided tool named App Events to gather and send the information back. The data received is used to influence Facebook’s advertising algorithms. Developers can use App Events to monitor how users use their app, which can then be used to better advertising.

For example, you might use a fashion brand’s app to find a new pair of shoes, but you don’t end up buying any. The next time you access the internet, you see an ad persuading you to go and buy the pair of shoes you previously looked at. For you to see the advertisement, developers need to feed Facebook the data about what the user is doing on the app.

While the above example is just how standard mobile advertising works, some apps are using App Events to collect sensitive data which is then shared with Facebook. Developers using App Events can create Custom Events – tailored to their app’s own requirements. In Facebook’s policies, it states that developers should not use Custom Events to collect and use sensitive data.

So, users are sharing their sensitive data with the apps – because that’s what they’re used for – but their data is then unknowingly shared …

Is Facebook At Fault?

Kind of.

Facebook cannot monitor what third party developers do. Facebook say if they do ever find sensitive data sent in by developer tools, that they delete it and they do monitor for instances like this.

But, should Facebook do a better job of ensuring developers abide by their policies? Yes.

Should they come down on hard apps who break the rules? Absolutely.

What do you think? Let us know in the comments section below.

Keep up-to-date with Facebook’s scandals: