Android apps share data with Facebook without permission, but who does the responsibility lie with?

10 januari 2019

The privacy organisation Privacy International looked in to the matter and found that “at least” 20 of the 34 Android apps which were examined shared data with Facebook without having the correct permission to do so. Apps such as Kayak, MyFitnessPal, Skyscanner and TripAdvisor.

 

What does Facebook have to say about this? Their response is that it’s important for the users to know if an app shares data. They also believe that people should always be “in control” of how their data is being used. Furthermore the company said that the developers have the opportunity to switch off sharing of information.

An interesting fact, with the truth laying somewhere in the middle. The consumer has far too little time to read the whole mass of conditions and the manufactures use this to their advantage.

The AVG claims that providers must be clear about what happens to the data and explain this in simple terms. On the other hand the consumer doesn’t pay enough time looking at an app’s settings and changing the conditions of sharing data. In Tripadvisor for example it’s easy to amend your account settings to no longer share data with Facebook. However many people don’t make the time or effort to check the settings.

If we look at how the conditions are presented on the website, it’s still rather unclear about what actually happens to your data. If we’re looking for an easy dinner, then we order in and have food delivered. Have you ever paid attention to how ask for consent to send you a newsletter?

The AVG is clear in saying that you have to perform an action to give your consent, however more often than not you have to uncheck the consent box if you don’t want to be swamped with newsletters and offers. The rules still remain that I must give my consent, not that a website can determine my preference beforehand. And let’s not start with the cookie walls you have to go through to determine which cookie is and isn’t necessary. I already struggle with this, let alone the average user.

In conclusion, the AVG dictates understandable and clear terms must be used to give consent, however it is nowhere near where it should be. On top of that Facebook claims that app developers use ‘old’ and ‘new’ systems. I as a user haven’t got a clue which Facebook system is used when I download an app and it’s not getting any clearer. I do however still believe that the AVG is a step in the right direction to give the user more control over their data. Give it another year or two and businesses will be AVG-proof. If there are any companies who don’t abide by the rules, then we need to name and shame.

There’s a lot of work let to do, but these kinds of developments and coverage are part of life. Not only the companies, but also the user needs to get used to their newly acquired AVG rights. At the end of the day it’s still the user who gives consent before actually reading what they are giving their consent to. You could say it’s just their own fault and app developers are happy to take advantage of this. As long as there are not enough people to supervise and enforce the rules, we continue seeing messages such as these.

 

- Martijn de Boer, CEO CDDN