How Facebook Hides How it Acquires Information from Apps

Executive Summary

  • A big part of Facebook is hiding from users how it is sent information from apps.
  • Both the app provider and Facebook deceive users.


As Facebook faces a DOJ lawsuit for monopolistic behavior, what will happen is Facebook’s business model will be highlighted to more of a degree than before. Facebook has a long history of lying to users about its surveillance. Again, it does so by hiding how it has partnerships with apps that are constantly sending Facebook personal data.

Our References for This Article

If you want to see our references for this article and other related Brightwork articles, see this link.

How Facebook and App Developers Hide How Information is Shared from Apps

Facebook’s partnerships that allow it to acquire even more information than from cross-site surveillance and information brokers are explained as follows.

Millions of smartphone users confess their most intimate secrets to apps, including when they want to work on their belly fat or the price of the house they checked out last weekend. Other apps know users’ body weight, blood pressure, menstrual cycles or pregnancy status.

Unbeknown to most people, in many cases that data is being shared with someone else: Facebook Inc.

The social-media giant collects intensely personal information from many popular smartphone apps just seconds after users enter it, even if the user has no connection to Facebook, according to testing done by The Wall Street Journal. The apps often send the data without any prominent or specific disclosure, the testing showed.

Apple Inc. and Alphabet Inc.’s Google, which operate the two dominant app stores, don’t require apps to disclose all the partners with whom data is shared.

In the Journal’s testing, Instant Heart Rate: HR Monitor, the most popular heart-rate app on Apple’s iOS, made by California-based Azumio Inc., sent a user’s heart rate to Facebook immediately after it was recorded.

Flo Health Inc.’s Flo Period & Ovulation Tracker, which claims 25 million active users, told Facebook when a user was having her period or informed the app of an intention to get pregnant, the tests showed.

Flo Health’s privacy policy says it won’t send “information regarding your marked cycles, pregnancy, symptoms, notes and other information that is entered by you and that you do not elect to share” to third-party vendors. – Wall Street Journal

This is amazing.

Facebook is now monitoring women’s periods, which it is then combining with Facebook information and third-party data broker information. Is this information shared with the makers of feminine hygiene products and other psychographic information about when women are interested in buying various products related to their cycles?

Of course, the only way Facebook could do this is if the app provider sent their identity to Facebook, which, of course, Flo does.

Flo initially said in a written statement that it doesn’t send “critical user data” and that the data it does send Facebook is “depersonalized” to keep it private and secure.

The Journal’s testing, however, showed sensitive information was sent with a unique advertising identifier that can be matched to a device or profile. A Flo spokeswoman subsequently said the company will “substantially limit” its use of external analytics systems while it conducts a privacy audit. – Wall Street Journal

Hiding This From Users

Users do not imagine that this is happening because the privacy policies are opaque. The companies are lying about what they do (as in the case of Flo, which stated the data is aggregated when it isn’t) as well as is being difficult for users to guess that the data would be used in this way as it has nothing to do with the functionality of the app. This is mirrored in the following quotation.

“This is a big mess,” said Patrick Jackson, Disconnect’s chief technology officer, who analyzed apps on behalf of the Journal. “This is completely independent of the functionality of the app.” – Wall Street Journal

App Developers Are Filled with Excuses as to Why Sending Information to Facebook is a Good Thing

The app developers’ excuses for why this information is shared with Facebook in the first place end up being ludicrous, as is illustrated by the following quotation.

Esther Onfroy, co-founder of cybersecurity firm Defensive Lab Agency, conducted a separate test showing that at least one app flagged by the Journal’s testing, BetterMe: Weight Loss Workouts, was in its Android version also sharing users’ weights and heights with Facebook as soon as they were entered.

BetterMe Ltd. didn’t respond to email and social-media inquires from the Journal. On Feb. 16, after being contacted by the Journal, it updated its privacy policy, replacing a general reference to Facebook’s analytics to one that says it shares information with Facebook so it can determine “the average weight and height of our users, how many users chose a particular problem area of their body, and other interactions.” – Wall Street Journal

They appear to presume just because they can come up with some reason for doing something that they have the right to do it.

This makes me question.

I have an exercise app that tracks my heart rate and exercise statistics. Is that information being shared with Facebook also?

Zuckerberg Makes Another False Offer

Under pressure over its data collection, Facebook Chief Executive Mark Zuckerberg said last year that the company would create a feature called “Clear History” to allow users to see what data Facebook had collected about them from applications and websites, and to delete it from Facebook. The company says it is still building the technology needed to make the feature possible. – Wall Street Journal

This is Zuckerberg and Facebook’s pattern. As soon as there is a concern, they come up with some faux solutions. This feature will never happen and is just Facebook damage control. Facebook has been caught lying on so many occasions, as we cover in the article How Facebook is Constantly Lying About Surveilling Users, and Facebook’s History of Lying to Advertisers and Media Buyers About Ad Reach, that whatever they say can be immediately dismissed.

Facebook receives our Golden Pinocchio Award for hiding the constellation of apps that constantly provide Facebook with highly personal information. Facebook lies in such a constant manner that its logo should be changed to a Pinocchio. 


Users do not know that Facebook is receiving information about them from apps that are on their phones. This is yet another way that Facebook surveils users without their knowledge.