Privacy International releases report on how apps on Android disclose data with Facebook

No. 2, 28 Jan 2019 Issue

On December 29, NGO Privacy International released a report revealing how mobile applications on Android are disclosing data to Facebook.

The analysis conducted by Privacy International for this report show that 61 percent of apps tested automatically disclose data to Facebook the moment a user opens the app. This happens whether people have a Facebook account or not, or whether they are logged into Facebook or not.

Facebook is able to conduct this tracking of users, non-users and logged-out users outside its platform routinely through Facebook Business Tools. In addition, App developers disclose data with Facebook through the Facebook Software Development Kit (SDK), a set of software development tools that help developers build apps for a specific operating system. Using the free and open source software tool called “mitmproxy”, an interactive HTTPS proxy, Privacy International has analysed the data that 34 apps on Android, each with an install base from 10 to 500 million, disclose to Facebook through the Facebook SDK. All apps were tested between August and December 2018, with the last re-test happening between 3 and 11 of December 2018.

These findings raise a number of legal questions, in particular as regards to compliance with the GDPR and the legal basis used for the disclosure of such data.

The full documentation, including the exact date each app was tested, can be found here and the full report by Privacy International can be found here.


Provided by Access Now.