Facebook is once again at the center of yet another issue involving privacy. Surprised? I’m not, either.
In a report by The New York Times, it seems Facebook was handing out your personal info to a lot of big companies for much longer than they said they were. And these companies had far more access than your “About” section.
According to the report, the amount of information made available definitely didn’t stop with your name and the names of your friends. In one shocking revelation, the Times reported that some companies even had access to your private messages! I’ll get to the gist of the story next, and then give you five things you can do right now to help protect your private information.
Your private messages were open to multiple companies
Facebook previously said their agreements with other companies were enacted to integrate the “Facebook experience” with mobile devices. These companies and apps were given access through Facebook’s API, which is how they interact. So when you sign into another service using your Facebook credentials, that service is using Facebook’s API to access their system. The Times says they had agreements with more than 150 companies through various industries.
One of the big takeaways of this report is the level of access these companies were granted. The Times report says Microsoft’s Bing search engine was given access to the names of all the friends of Facebook users without consent. Even bigger though, Netflix and Spotify reportedly had the ability to read users’ private messages.
And as TechCrunch reports, Facebook still hasn’t adequately responded to allegations that they used data from Amazon, Yahoo and Huawei to improve friend suggestions through the creepy People You May Know feature.
Didn’t Facebook say they stopped that kind of data sharing? Yes, they did. Facebook said they ceased the practice in May 2015. But in July, Facebook admitted they were still sharing data with dozens of companies. And with API, these companies along with other services had a backdoor way into Facebook for years.
How to protect your Facebook data
Facebook has had all kinds of recent struggles. Who can forget Cambridge Analytica? Things didn’t get better when Facebook announced later that tens of millions of accounts had been hacked. There were other big hiccups here and there, but last week, another announcement. This time, Facebook said they mistakenly exposed millions of users’ photos. And these are just from this year! It’s getting so bad that the U.S. government and other countries are looking at the potential for serious regulations.
These incidents can be infuriating, and should at least make you question your own account status. But it really doesn’t seem to matter how many privacy settings you have in place, since it’s apparent your data is made available a number of other ways. At this point, even Russian trolls should consider calling it quits.
But if you’re not ready to jump ship so you can stay connected with family and friends, at least make sure your account is as locked down as it can be.
1. Remove apps you installed on Facebook
After the Cambridge Analytica debacle, Facebook changed the way it handles third-party apps’ access to your data, and suspended hundreds of them following an audit. But chances are, you’re still connected to apps that weren’t blocked. Here’s how to review and deactivate third-party apps:
- Go to your Facebook Account Settings to access your Apps and Websites settings.
- Desktop: Click the upside-down triangle on the top-right then click Settings >> “Apps and Websites.”
- Mobile: Go to your profile page by tapping the “hamburger icon” (three horizontal lines) on the lower-right corner of the screen. Scroll down, tap Settings >> Account Settings >> Apps.
- On the Apps Settings page, to disable ALL third-party app access with one click, turn off your profile’s ability to interact with apps, websites and games (formerly called Platform)
- Desktop: Click “Edit” on the “Apps, Websites and Games” then choose “Turn off.”
But that’s for a clean slate. If you still want to share access to reputable apps, for instance Twitter or Spotify, then disable others individually. Going this route will also allow you to review each third-party app’s permissions and data level access.
- Desktop: On the same App Settings page, you’ll see a list of all the third-party apps and services you have authorized. To remove an app, simply click the “x” symbol in the right-hand corner of the app.
- Mobile: On the same Apps and Websites page, tap “Logged in with Facebook.” Here, you’ll see all the apps that are active, expired or removed. Simply select an app to review its data access and visibility. To remove an app, tick off its checkbox then tap “Remove App.” Note: You can also check off multiple apps and remove them in one tap.
2. Check your privacy settings
You can also check your individual settings and run a Privacy Checkup through Facebook
- Under Settings, click Privacy Shortcuts
- Click on each step, including “Review a few important privacy settings,” “Manage your location settings,” and then click the “more” option.
- On the next screen, click “Check a few important settings” to run a privacy checkup
3. Set up two-factor identification and login alerts
This is to make sure it’s only you accessing your account.
- Two-factor identification setup: Settings >> Account Settings >> Security and Login >> then scroll down to Use Two-Factor Authentication. Click Edit >> choose the method you want to use. You can either chose “Text Message” or “Authentication App.”
- Login alerts: Settings >> Security and Login then go to the “Setting Up Extra Security” section. Tap or click on the Edit button of “Get alerts about unrecognized logins” then turn Notifications, Messenger and Email alerts on.
4. Change your contact details
To minimize the risk on some of your personal information, change a few things.
- Don’t use your primary email account. Create a secondary email address that’s only used for Facebook. That way, there’s nothing else to find if it’s hacked.
- Don’t list your primary phone number. Get a “burner” number using Google Voice, for example. Again, this number would be used ONLY for Facebook.
5. Take a break or simply deactivate your account
Maybe you’re just tired of it. But what’s the alternative? A lot of social media companies try to offer a different experience from Facebook, but not directly compete with them. At least, not anymore (but good try, Google+). Of course there are Facebook alternatives, but nothing so expansive. Check out Ello or maybe Nextdoor. There are a number of other social alternatives out there that claim your privacy is protected, but if no one is using them …
So nothing’s quite reached the level to cause a mass exodus from Facebook – at least not yet. But you can take a break from your account or even shut it down.
But if closing your account is too extreme, follow the steps above so at least you’ve done your part to protect your privacy. Now, maybe Facebook can really start doing its part.