Apple's iOS Apps Found Sending Sensitive Data To Facebook, Including Sexual Activity

To average users, apps they use can mean a whole lot of things, making their lives just a bit easier.

In many cases, users "trust" the apps they use, to a degree that they are willing share just about anything the apps ask or need. As a result, millions of smartphone users confess their most intimate secrets to apps, including when they want to work on their belly fat or the price of the house they admired.

Good or bad, the implication can be scary, as apps can send just about any user data to the developers. And if those apps use third-party APIs, for example, the creators of the APIs can also get a glimpse of those sensitive data.

A New York regulator has called for Facebook and the developers of 11 iOS health-related apps to explain why they need users' sensitive data, but to send them to Facebook.

The data in question included things like weight, BMI (Body Mass Index), menstrual cycles, alcohol consumption, food consumption, heart-rate, blood pressure and calories burned during exercise. And in one case, the category also included users 'sexual activity’.

The 11 apps sending sensitive data were:

  1. Flo Period & Ovulation Tracker.
  2. Weight Loss Fitness by Verv.
  3. BetterMe: Weight Loss Workouts.
  4. Lose It!.
  5. GetFit: Home Fitness & Workout.
  6. Instant Heart Rate: HR Monitor.
  7. BetterMen: Fitness Trainer.
  8. Real Estate Search.
  9. Trulia Real Estate: Find Homes.
  10. Breethe: Sleep & Meditation.
  11. Glucose Buddy.

Six of the above apps were sitting on the top 15 health and fitness apps in Apple’s U.S. App Store. All but the last have been downloaded millions of times in 2018 alone.

'LoseIt! app
LoseIt! no longer share users' health data with Facebook

The problem here is that, the privacy policies of those apps didn't make things clear to the extent of the data-sharing, which often exclude Facebook.

After the The Wall Street Journal listed those apps as sending users' sensitive information and contacted the developers, some of those apps ceased their sensitive data sending to Facebook, while some kept continuing what they do.

Reviewing the report, Facebook spokesperson said that:

"It’s common for developers to share information with a wide range of platforms for advertising and analytics."

"We require the other app developers to be clear with their users about the information they are sharing with us, and we prohibit app developers from sending us sensitive data. We also take steps to detect and remove data that should not be shared with us."

This case continues Facebook's list of criticisms.

Previously, the popular social media has been embroiled in a range of privacy scandals, such as ones involving two of its own apps - Onavo Protect and Facebook Research - which angered Apple. Another case was the Cambridge Analytica, which Facebook found to be harvesting user data without user consent for the sake of building voter profiles.