If you’ve been following the news recently, you may have been surprised to discover that a data analysis company managed to scrape up information on some 50 million Facebook users without their knowledge. While this is not the first time Facebook has offered entities access to its data, the controversy in recent news deals with exactly how a consulting firm, Cambridge Analytica, obtained the data from Facebook.
A CNBC report says that Cambridge Analytica legally purchased the data from Aleksandr Kogan and his company, Global Science Research, which gathered the data through a Facebook app and a psychological test taken by Facebook users.
Curiously, however, they didn’t need to get 50 million people to click on a link in order to obtain their data; instead, they accomplished this by persuading just 270,000 users to add an app, called thisisyourdigitallife, to their Facebook page. The app offered a number of personality quizzes; you know the kind, you see them on Facebook all the time.
Those who downloaded the app voluntarily handed over vast amounts of personal data about what they like, where they live, and in some cases, depending on an individuals Facebook privacy settings, who their friends were. The data analysis firm used this data to create “psychographic profiles,” or descriptions of people according to their personality types. They had enough data to create full profiles of 30 million people.
And you might be one of them.
How did they get the data without the knowledge of users? Quite simply, a default Facebook setting allowed the entity access to this information. For this reason, every Facebook user needs to know how to change these settings to prevent Facebook apps from accessing your profile information.
First, go to Facebook.com and access Settings. If you’re on a desktop computer, you’ll find this by clicking the down-pointing triangle icon at the top right of the Facebook page. On a mobile device, you can tap the hamburger menu—the three horizontal lines—at the top right of the screen, scroll down, and then tap Account Settings.
On the General Account Settings page, on the right hand side, select the Apps tab. Here you’ll see apps where you’ve logged in using Facebook. This may include apps you’ve simply used once (even years ago) on a Facebook page, or external apps that you have linked to Facebook, and it will also include websites where you have logged in using your Facebook profile.
For example, I’m logged into Facebook with Apple Music, IFTTT, Instagram, Twitter, and WordPress. I use WordPress’s Facebook integration to automatically publish articles from my website to my Facebook page; I use Twitter’s link to post tweets on Facebook; etc.
To remove an app, hover over it and click the X, or tap it, then click Remove App. On a mobile device, scroll down and tap Remove App.
On mobile, when you tap an app’s name, you’ll see a list of permissions it offers, and here’s where the real problem lies. (On the desktop, hover your cursor and click the pencil to edit this.) Some apps request access to your friend list, and, by doing so, they can access all their profile information. This is how the data analysis firm went from 270,000 users of their app to gathering information on about 50 million users.
Uncheck anything that the app doesn’t need. For example, Twitter needs to be able to post to my timeline; that’s the point of the integration. But do Apple Music or IFTTT really need my friend list? Nope. You’ll find different categories for different apps, and you can turn off all those that aren’t necessary.
If you go a bit lower on the page to Apps Others Use, you’ll find a list of the types of data that apps can collect — even if you don’t use them. If your friends use these apps, the apps can collect information about you. This is the corollary of the settings I mentioned above. You should uncheck everything here.
If you change both sets of settings, you’ll prevent apps from accessing your friends’ information, and you’ll prevent apps from accessing yours.
And if you don’t use any apps at all, go to the Apps, Websites and Plugins section, click Edit, then click Disable Platform, and no information will be shared. However, you won’t be able to log in to other websites with your Facebook profile; you won’t be able to log into some mobile games; and you may find some sharing with friends is limited.
But do you really want Facebook to stretch its tentacles that far? Using it as a website and service is one thing, but allowing it to manage your access to other sites is probably unwise. If you turn this off, you may no longer have access to accounts where you’ve logged in with Facebook, and may not be able to change the login information for those accounts.
Check these settings for your Facebook account, and also for your children’s accounts. You probably don’t want Facebook blindly collecting—and allowing others to collect—data about your kids either.
Have something to say about this story? Share your comments below!