Adding to Facebook’s privacy
woes, researchers have discovered that popular period-tracking apps shared users’ most intimate sexual and health practices with the social giant.
Two period-tracking apps in
particular, MIA Fem and Maya, filled Facebook in on everything from the timing of women’s menstrual cycles to their sexual activity, according to a new re
port from Privacy International.
“Maya by Plackal Tech and MIA by Mobapp Development Limited conducted… what we believe to be extensive sharing of sensitive personal data with
third parties, including Facebook,” the researchers write.
The findings follow a report released by the UK-based advocacy group late last year. It documented the casual data-sharing
habits of top mobile applications.
Among the 36 apps it tested, Privacy International found that 61% automatically transferred data to Facebook the moment a user opens the app -- whether users
had a Facebook account or not, and whether or not they were logged into Facebook at the time.
Such sharing occurs through a set of software development tools known officially as the Facebook
Software Development Kit, or SDK.
In a follow-up report, Privacy International found that two-thirds of the apps that it had exposed had later updated their data-sharing practices.
In
response to Privacy International’s more recent findings, Maya by Plackal Tech said it removed both the Facebook core SDK and Analytics SDK.
MIA, for its part, did not wish to
have its response to Privacy International’s most recent findings published.
Although they are not the most used period-tracking apps on the market, Maya and MIA reach millions of women.
Maya, for example, boasts over 5 million downloads on Google Play alone.
By any measure, the apps also encourage women to share their most private personal details.
Among other
questions, Maya asks women about their current emotional states, whether they are experiencing “health issues,” whether they “got lucky last night,” and if they used
contraception.
Before the app updated its practices, all of this sensitive information -- in addition to users’ “diaries” -- was freely shared with Facebook and other third
parties, Privacy International reported.
The report includes a statement by Facebook that its terms of service prohibit app developers from sharing health or other sensitive data, and the
company told BuzzFeed News that it had notified Maya and MIA of possible terms violations. Facebook also said that, while it has systems that automatically identify and delete passwords and
other sensitive information shared by apps, it has "begun looking at ways to improve our system and products to detect and filter out more types of potentially sensitive
data.”
Facebook spokesman Joe Osborne also issued a statement to press saying that in targeting ads by interest, the platform "does not leverage information
gleaned from people’s activity across other apps or websites.”
As it struggles to position itself as a safe and secure platform, Facebook remains mired in privacy
issues. Just last week, for example, the phone numbers of more than 400 million users were found floating online.
In addition, a federal judge just refused to dismiss a lawsuit alleging that Facebook violated users’ privacy by sharing their information with outside developers, including Cambridge
Analytica.