Just about everyone has heard something along the lines of…
“Facebook sells your data” or “Google is spying on you”
But how true are these statements? And do any of us really care? It doesn’t really feel like these companies are exploiting any of the information they have on me on a daily basis when I am just googling “What’s the distance from the earth to the moon?”, or when I’m liking a picture of my baby niece in an adorable Christmas onesie.
“I only use Facebook to keep in touch with friends and family”
“I have nothing to hide; why would I care what data these companies collect about me?”
… these are common thoughts people have when someone else mentions deleting Facebook or makes remarks about being more aware of your online privacy.
But what if we truly do just use these common apps in a completely benign, and seemingly unembarrassing manner? What kind of information can these companies have about me that I should be concerned about? Who might they send it to? And how might entities with access to my data use my data?
I think it is important for people to understand the answers to the questions above when using any tool or app; especially when the tool or app is free and it is common for the company is profiting off of your data at some capacity. In the remainder of this blog post, I will highlight high-level answers to these questions for one specific platform, one of the head honchos of data collection, Facebook; why a lack of data privacy can be concerning; and then provide an alternative to Facebook and how you can begin to Own Your Data.
Commence, the understanding of what data Facebook collects, who they share it with, and how it can be used.
What information does Facebook collect about me?
Just this past year, in the Summer of 2019, Facebook was fined $5 billion by the United States government for failures to protect the privacy of its users’ personal data; so they seemed like an appropriate company/application to use as an example for discussing how many companies collect and use their users’ data.
Researching online, looking through Facebook’s Settings, and downloading my data from Facebook I gleaned the following list of information that Facebook collects on its users…
Types of information Facebook collects:
- Every Post or Comment you have ever created, shared, or been tagged in
- Every Post to your Timeline (even if you hid them from your Timeline)
- Polls you’ve created or participated in
- Your Friends and when you became Friends
- Friends you removed
- Your Facial recognition information
- Every ad you have ever clicked
- Every contact in your phonebook (if you allowed permission)
- Every social event you were invited to and/or attended through Facebook
- Every time you logged into Facebook
- What device you logged in with and from where
- Major life events (jobs, relationships, school)
- Every video you have ever watched on Facebook
- Your location (if you allowed permission)
- Your sent and received Facebook messages
- Phone text messages (if you allowed permission)
- Phone call logs (if you allowed permission)
- Every photo you have ever uploaded to Facebook
- Every video you have ever uploaded to Facebook
- Any payments you have ever made through Facebook
- Words, phrases, names, and videos you’ve searched for
Some of this information wasn’t all that shocking to see, like Posts and Comments I have created, or the list of my Friends. Of course they store this information if they are able to bring it up on my Timeline.
However, some of the information I was surprised to see Facebook store was: Facial Recognition information (being able to identify that it is my face in a picture, video, etc.), a history of all of the videos I have ever watched, all of the contacts from phones I have used to log into Facebook, device and device location information for each time I logged in to Facebook, and phone text messages and call logs.
Perhaps this would not be too alarming if Facebook did not share this information with third parties or if Facebook wasn’t known for being prone to data breaches where they expose the data of millions of their users (Exhibit A, Exhibit B).
Where does my Facebook data go?
On Facebook’s Data Policy webpage they list who they share your data with. The page is broken up into the two high-level categories:
- Sharing on Facebook Products
- Sharing with Third-Party Partners
Sharing on Facebook Products
Under the “Sharing on Facebook Products” section, Facebook states that the content you post is shared with the Friends/audiences you choose to share with (i.e. a group, all your friends, select list of people). Also, your network can see the actions you take, like what ads you have engaged with.
In addition, any information you share with a public audience, information in your public profile, and content you share on a Facebook Page or Marketplace can be seen by anyone, whether they use Facebook or not. This public information can also be seen, accessed, redistributed, or downloaded through third-party services such as search engines, Application Programming Interfaces (APIs), TV, and other apps and websites that integrate with Facebook products.
Facebook also mentions that information you share with your Friends or select individuals can be redistributed by the people you shared with.
When you share a post to specific Friends, they can download, screenshot, or reshare that content to other people on or off the Facebook Platform.Facebook’s Data Policy – https://www.facebook.com/privacy/explanation/
Another way your Facebook data is shared is with third-party apps, websites, and services that use or are integrated with Facebook. So when you play a game with your Facebook Friends, that game is able to see what you post, what you share, your public information, and any other information you deliberately choose to share with them. This is how Cambridge Analytica was able to gather private data on roughly 50 million people from the United States that they used to influence the 2016 US Presidential Election.
Sharing with Third-Party Partners
The “Sharing with Third-Party Partners” section of Facebook’s Data Policy webpage states that they share statistics, insights, and reports with partners and advertisers, and they claim that this information is not personally identifiable. However, researches have shown that the information collected and shared by these big social media companies can easily be de-anonymized to reveal what data belongs to who.
I felt Facebook’s description of sharing “statistics, insights, and reports” with Third-Party Partners was pretty vague and I did not find a way to view exactly what information of mine had been sent to what third-parties. This was a pretty big red flag to me, as it appears that Facebook likely doesn’t have a true understanding as to where all of its users’ data has been distributed to.
Also note, that as a Third-Party Partner, you not only have access to statistics, insights, and reports, but also any public information.
Other entities that may have access to your Facebook data
In addition to the “Facebook Products” and “Third-Party Partners” that Facebook publicly lists as entities that have access to it’s users data, some other entities that may obtain access to your Facebook data include:
- Other apps on your phone
- Marketers and Advertisers
- Nefarious actors
How can my Facebook data be used?
With the plethora of data that Facebook collects and the advancements in Machine Learning, Data Science and Data Analytics, Facebook and the entities that have access to Facebook data are capable of making frighteningly accurate inferences and performing powerful actions through the Facebook platform and other facets of the internet. Since there is an unfathomable amount of ways the data Facebook collects can be used, I’ll list out some of the best, productive ways I think Facebook data is/can be used, followed by some of the most harmful or worrisome ways I think Facebook data can be utilized and exploited.
Good use cases of Facebook data
- Suggesting Friends and Family members to connect with
- Reminding users of their loved ones’ birthdays
- Connecting users with companies and products they actually have an interest in
- Keeping up with life events of Friends and Family
- Staying informed on current events
- Sharing of knowledge and productive discussion on important topics
Maligned use cases of Facebook data
- Influencing the results of government elections
- Blackmailing individuals or groups of people
- Manipulating users to conform to a specific way of thinking
- Manipulating users to purchase products they would otherwise never be interested in
- Sharing of facial recognition information with authoritarian governments and law enforcement
- Using collected data to discriminate against specific individuals or groups of people
- Hackers using your data to help them break into other systems such as banking accounts, investment accounts, health records, etc.
- Data breaches leading to identity theft
While there are obvious benefits for some data being collected and used by Facebook to improve the user experience on the app, the potential number of misuses of sensitive data and the gravity of harm that can be done with data is incredibly worrisome.
If you are still not convinced that data privacy is important, perhaps a quote may resonate more with you:
Ultimately, saying that you don’t care about privacy because you have nothing to hide is no different from saying you don’t care about freedom of speech because you have nothing to say. Or that you don’t care about freedom of the press because you don’t like to read. Or that you don’t care about freedom of religion because you don’t believe in God.Edward Snowden in Permanent Record
Take control of your data and online privacy – Own Your Data
While it’s unfortunate that companies like Facebook and Google have created a landscape where their users’ data is the most monetarily valuable part of their business model, there is an emerging number of companies and tools that respect their users’ privacy without sacrificing usability or convenience.
One simple way to start taking back control of your online privacy is to stop allowing companies to collect, hoard, share, and leak your data by not using their apps/tools and by switching to apps/tools that are consciously trying to put users in control of their data.
If you are looking for an alternative to Facebook — and no, sorry, I do not think Instagram is a valid alternative to Facebook seeing as they are owned by Facebook and therefore take part in the same data collection activities — Omnii is a messaging and social media application that allows its users to control their data (whether that data is their text messages, posts, comments, reactions, etc.)
As one of the co-founders on Omnii, I can tell you that we are attempting to capture all of the things that we think are great about messaging and social media — like keeping in touch with family and friends, engaging in positive, informative discussions, and sharing your latest experiences — while putting a priority on your data privacy. We are committed to giving our users the power to control exactly who is able to see and share their data, without ever collecting your data and never sharing your data with any third parties. We are a bootstrapped startup (not relying on Venture Capitalist funding or investments) and we have made the decision to use different, more benign business models (such as purchasing messaging sticker packs and subscribing to more premium features in the app) to fund the app, instead of relying on selling ad-space or the selling of user data. If you would like learn more about how we do this, or if you have any thoughts/feedback about our project, please feel free to take a look at our website that lists our main features, or reach out to us via email, Twitter, or LinkedIn.
Omnii is going Beta in April 2020!!
If you would like to start experiencing what it’s like to Own Your Data, you can sign up to become one of our early adopters and/or Beta Testers today!
- “Facebook to be fined $5bn for Cambridge Analytica privacy violations – reports” The Guardian. 12 July 2019, https://www.theguardian.com/technology/2019/jul/12/facebook-fine-ftc-privacy-violations
- “The new limits Facebook faces on data privacy.” Associated Press News, 24 July 2019, https://apnews.com/776d6f01d8d54537a7b162e29dd43ae7
- “I checked and it turns out Facebook knows a lot about me” CNBC, 28 March 2018, https://www.cnbc.com/2018/03/27/facebook-knows-a-lot-about-me.html
- “Here’s how to see which apps have access to your Facebook data — and cut them off” CNBC, 20 March 2018, https://www.cnbc.com/2018/03/20/how-to-see-which-facebook-apps-have-access-to-your-data.html
- “Are you ready? Here is all the data Facebook and Google have on you” The Guardian, 30 March 2018, https://www.theguardian.com/commentisfree/2018/mar/28/all-the-data-facebook-google-has-on-you-privacy
- “I downloaded 14 years of my Facebook data and here’s what happened” CNN, 25 March 2018, https://money.cnn.com/2018/03/24/technology/facebook-data/index.html
- “Facebook Data Privacy” Facebook, 29 December 2019m https://www.facebook.com/about/privacy
- Jessica Su, Ansh Shukla, Sharad Goel, and Arvind Narayanan. De-anonymizing Web Browsing Data with Social Networks. 2017.