How Facebook can grab your data, and what you can do to stop it

It’s time for us all to take a closer look at the personal data we entrust to Facebook and through it, to other apps.

The chilling story of how the personal data of 50 million users was hijacked for electioneering in the 2016 presidential campaign is a wake up call for us all.

In this particular saga, the app involved was a Facebook app called thisisyourdigitallife that users thought was psychology research. The data it vacuumed up was used to decide who to target and with what information in the 2016 US poll. The company that used the data for political analysis, Strategic Communication Laboratories (SCL) and its political data analytics company, Cambridge Analytica, have been upfront about that.

It is claimed 270,000 users downloaded thisisyourdigitallife yet, by accessing the information of their friends, the app developer managed to harvest the data of 50 million people.

How did this happen? Whenever people opened a quiz, for example or a new app, they were encouraged to tick the permission boxes granting access to their friends’ data. That took the firm to their friends’ posts, and then to those friends’ friends, and so on.

So a fitting solution to this is to shut down Facebook apps that you really don’t need, or at the least to revisit the permissions you grant them, so that your personal information is better safeguarded.

Here’s what to do:

In the Facebook smartphone app, press the three parallel lines icon at the bottom right (iOS) or top right (Android), then select Settings (iOS) or Settings & Privacy (Android), then Account Settings>Apps. You should be on a page marked Apps and Websites, and if you’re like me, be confronted with alarming information about the vast amount of your data sharing with Facebook.

• The heading Logged in with Facebook lists the apps you have accessed using your Facebook credentials. In my case that turned out to be 111 apps. Press the arrow icon at the right, and you’ll see a list of them. When you tap on each one, you’ll get to see the information you have inadvertently shared with these apps, such as your public profile, friend list, relationship status, work, education history and the rest.

The people who build these apps are not your friends, yet it’s easy to hand them over all the data you’d share only with your best friends. The best policy is to scroll to the bottom, and select "Remove the App". I did that in a majority of these cases. For other apps and social media platforms which I use regularly, I deselected some of the additional information options. I whittled the long list down to about a dozen or so apps which I am familiar with.

Since doing this, I have noticed that when I log into smartphone apps (such as dating apps) which use Facebook to access your friend list etc, it will prompt a reconnect to Facebook option before starting that app.

• Now choose the second heading Platform. These are apps that, somehow, you authorized to interact with your Facebook account — and its data.

• For an extra step in security, under Apps and Websites select “Turn off Platform”. You are warned that if you turn this off, you can’t use the Facebook integrations on third-party apps or websites. That’s exactly what you want to happen, because when activated, Facebook can receive information about your use of third-party apps and websites.

While I had this deactivated initially, I noticed that I use quite a lot of apps that integrate with Facebook so I ended up reactivating it. I may deactivate it again at a later date.

• The third heading under Apps and Websites is Apps Others Use. This is relevant to the thisisyourdigitallife case. It lists personal information belonging to you that is available to applications, games and websites used by your friends. Uncheck all the categories, unless you want your friends to share your personal data.

You can also access the settings on a computer from your browser:

• On the Facebook website, go to App Settings and select apps in the left-hand column.

The way the thisisyourdigitallife developer was able to harvest the date of millions is just the start. Safeguarding your privacy in the mobile world is a complex issue and keeping it under control is a hard ask.

There are also the permissions that you give smartphone apps on your phone in general; for instance, permission for smartphone app developers and other Facebook users to know your location, and the history of where you’ve been.

After you have completed your spring clean, remember to be careful in future. Whenever you download a new app, think carefully about the permissions you grant it. It’s so easy just to tick the permission boxes so that you can use the app as quickly as possible. I’m the same as everyone else here. But it’s a risky practice.