Several iOS apps would share sensitive data with Facebook

The apps we found sharing personal data include Flo Period & Ovulation Tracker, BetterMe: Weight Loss Workouts, Breethe, Realtor.com and Instant Heart Rate: HR Monitor. According to the report, none of these applications allowed users to prevent them from sharing personal data with Facebook, nor do they necessarily tell people that their data is routed to Facebook's servers. The publication could only specifically decrypt the types of data that iOS apps send to Facebook, but a third-party test determined that at least one Android fitness app also shared data of weight and size.

Thousands of apps use a Facebook analytics tool called App Events, which allows developers to track users' activity. Developers can configure "custom application events", which can be used for targeting ads. This is so that the applications identified in the report send data to Facebook. Although the data is apparently anonymized in some cases, there are sometimes markers that allow Facebook to associate some of them with users.

The social network does not seem to be directly at fault here. It asks developers not to share "health information, financial information or other categories of sensitive information." The company told WSJ Developers should make it clear to users what data they provide to Facebook and that some of the reported information sharing practices appear to violate its terms.

Facebook said that would force the applications mentioned in the report to stop sharing sensitive data and take action against developers if they did not comply. He also claimed that he was not using sensitive data captured in custom application events to personalize products such as ads and news feeds, and was automatically deleting certain types. of intimate data that he was receiving, including social security numbers.

Apple is asking application developers to obtain users' consent before collecting their data and taking steps to prevent unauthorized third parties from accessing this information. Google applications must define the type of third party with which the personal or sensitive data of the user is shared. Application manufacturers may also suffer repercussions under confidentiality rules such as the EU General Data Protection Regulation.