How does Meta’s Facebook read data from your phone?

Article by Tsaaro

7 min read

How does Meta’s Facebook read data from your phone?

I’m sure that the title of this blog comes as no surprise to you. 

Yes, Facebook loves to collect data, and yes, it is only in the past decade that we have realised the scope of its data collection and tracking activities. 

The company has a long-standing history of privacy hostility. Previously, it has been accused of using several creative ways to extract data from its users by tracking users’ mouse movements and recording the SMS details received on a user’s phone. 

But are these actions limited to those who use Meta’s services? Researchers have now discovered that Facebook can track not only the users of its platform and those who consciously distance themselves from its allure. 

Firstly, Facebook and Instagram share infrastructure, technology and systems with other Meta companies (including WhatsApp and Oculus) to provide their services. If you are a service user of any product of the Meta family, your information is pooled from all such sources into one compressed file. Secondly, Facebook has also developed a deviously clever method to track those who do not use their services. Non-users are tracked through other applications as numerous app developers use a tiny piece of code called a Software Development Kit (“SDK”) handed out by Facebook, which shares the users’ information with it. 

Let us look at it in more detail.

What data is Facebook interested in?

Facebook is practically interested in all of your data. It collects the data that you provide and then some. 

Once you make an account with the social media giant, you agree to share your on-site activity with it. This includes who you search, the groups you’re a part of, your social media network, and everything shared on Messenger – messages sent out, every file shared, audio notes and the contacts on your phone. Facebook also stores what it thinks you might be interested in based on the items you have liked and the discussions you have with your friends. 

Although the social media giant says it uses your data to show you relevant ads and keep users safe, such data collection is a calculated and deliberate move as it is integral to Facebook’s business model. The company generates revenue through targeted advertisements based on the user data and things you search for on the internet. Notably, Facebook has a history of being careless while protecting user data, especially while sharing the same with third parties.

The Facebook data policy is here, and a user-friendly version of handling your data is here.  

How does Facebook read data from your phone?

Apart from the data collected on the platform itself, Facebook collects data when you’ve left its website. Information such as your IP address, login credentials and location, the advertisements you click on, and the kind of browser you are using is details that websites generally store about you. Facebook marketing tools are also used by many websites, which implies that as a part of their contractual obligations, these websites will have to transfer their users’ data to Facebook, which is then combined with their Facebook profiles. Additionally, Facebook also can track your browsing or search history. 

Through its mobile application, Facebook gets permission to log the Wi-Fi networks that the user connects to, the type of phone being used, and other applications on the phone, in addition to the on-site activity of the user. Even with the location tracking turned off, Facebook still records the approximate location via the user’s IP address.

A couple of years ago, Christopher Weatherhead and Frederike Kaltheuner, researchers at Privacy International security, discovered how Facebook collected data on non-users based on a study conducted by Oxford University. According to this study, 42.5 per cent of the free applications on the Google Play Store shared their user data with Facebook as the SDKs used to develop them link their apps with Facebook’s platform. Developers are allowed to make necessary changes to the SDKs, but it is seen that most developers proceed with the default version of the SDKs. Facebook on its account also encourages the developers to get consent from their app users, along with the option to change the content access provided to it. However, since the developers use the default version of the SDK, it gets access to all user data as soon as they open the application.

 

Ready to get spooked? Facebook provides an option through which you can download all the data it has on you. Click on the link provided to know more about the information that Facebook has on you – https://www.facebook.com/help/131112897028467

How can you protect your data?

Truth be told, you can’t stop Facebook from collecting your data once you sign up on their platform; however, you can limit how the data collected affects the advertisements that you see by visiting the ads preference page. A quick look into “your interests” can tell you what Facebook thinks you’re into. You can open up “ad settings” to make more changes. Here, you can control whether you want Facebook to use data from its marketing partners to put relevant ads in front of you.

The tracking activities of Facebook through marketing firms and ad networks have received a lot of criticism over the years, leading to the announcement of the “Off-Facebook-Activity” tool. By turning it off, data from these sources will be disconnected. It is important to note that even though this might seem like a comprehensive solution, the crux of the issue – how much data does Facebook collect, remains unaffected. That is, the association between what you do on Facebook and other sites is cut off, yet the data continues to be managed.

Some web activities used to target you can be stopped by visiting the YourAdChoices site run by the Digital Advertising Alliance. Tick the Opt Out box in the list of entries indicating Facebook advertising targeting. This will have to be done separately for each browser for the most significant impact. You should opt-out of all other platforms as well. 

Using a VPN can also help limit the amount of data that Facebook collects by changing your IP address and encoding your data. The company and other websites will still be able to see your new IP address, but the data will be encrypted, adding a layer of protection. Deactivating tracking by blocking third-party cookies on your browser and using a well-respected tracker blocking extensions such as Ghostery and Privacy Badger is also beneficial.

When it comes to mobile applications, it is best not to install the Facebook app on your phone. If you have it installed, you must block Facebook’s access to your phone’s location, contacts, microphone and camera. It is advisable to either opt out of using Facebook’s services or reduce your activity on Facebook if such a drastic step is not suitable. Being extremely cautious of your share data will help secure your data.

Conclusion

To emphasise, Facebook, like Google, has promised users that the data collected helps it improve its services and makes the user experience safer and more convenient and generates profits for the company. However, as was seen in the Cambridge Analytica data misuse scandal, when it comes to user privacy, Facebook took to the notion that it was simply too “idealistic and optimistic” and that ‘bad actors’ had exploited its goodwill. Such claims of being clueless about the repercussions of the company’s part in the mishap indicate why users today do not trust this tech giant. 

Wall Street Journal recently caught hold of certain internal documents of Facebook, which demonstrated that the company was aware of the harmful effects of Instagram on the mental health of teens. Data collection and profiling of users play a central role in what users see on Facebook leading to such harmful effects. It is high time that the company makes a conscious effort to respect user privacy and their general well-being instead of making fake privacy ensuring tools to “opt-out” of certain services. 

This article is written by Aryashree Kunhambu

Tsaaro Consulting

In today’s fast-paced business environment, organisations are constantly seeking innovative methods to adapt and scale efficiently. Staff Augmentation Consulting services, …

Tsaaro Consulting

INTRODUCTION: In today’s interconnected world, businesses operate across borders, serving customers globally. This inevitably leads to the transfer of personal …

Shubham Bansal

INTRODUCTION: The Personal Data Protection Law No. 6698, known as Kişisel Verileri Koruma Kanunu (KVKK), is Türkiye’s landmark data protection …

Tsaaro Consulting

At the Singapore International Cyber Week 2024, The Cyber Security Agency (CSA) of Singapore released Guidelines on Securing Artificial Intelligence …

Tsaaro Consulting

The European Data Protection Board (EDPB) on 8th October 2024, issued draft Guidelines 1/2024 on processing of personal data based …

Recent Comments

SHARE THIS POST

Would you like to read regular updates from Tsaaro.
Subscribe to our newsletter

Our Latest Blogs

Read what the latest hapennings in the cyber world are and learn what the
experts have to say about them