If you’re reading this, you’re using a computer or smartphone, you’re probably one of Facebook’s two billion users and you might be wondering how vulnerable you are on the app.
A smash-and-grab of users’ personal Facebook data by a marketing questionnaire masquerading as a personality quiz in 2013 has now been implicated in a manipulative ad campaign in the 2016 U.S. federal election. The campaign, carried out over Facebook, allegedly used Cambridge Analytica data about Facebook users to target them with specific content designed to boost support for republican candidates.
In a statement this week, Facebook CEO Mark Zuckerberg said the company has taken measures since 2013 to limit the personal data third-party apps can access, but he admitted Facebook needs to do more to protect users from abusive apps.
“We have a responsibility to protect your data,” Zuckerberg said. “And if we can’t then we don’t deserve to serve you.
Zuckerberg outlined some of the steps Facebook will take to protect users in the future, from auditing apps with suspicious activity to further reducing developers’ access to users’ data and teaching Facebook users about the tools they can use to limit third-party app permissions.
Digital marketer Hillary Robert believes the best thing Facebook users can do to protect themselves is to be aware of how much control they actually have when it comes to sharing their data with third-party apps.
“I think because Facebook was the company that was the gateway for this to happen, people feel misled,” Robert said.
“In reality, it’s free access that people are granting voluntarily to these [third-party] companies through Facebook.”
Robert explained that while Facebook does make some user statistics public through its Audience Insights tool, it’s the additional data that developers gather with permission from users through third-party apps that makes targeted marketing so effective.
“When you’re filling out forms online, or when you’re visiting different websites or taking those little personality quizzes, you’re granting an application and a third-party developer permission to access personal Facebook data.”
Until Facebook takes additional steps to prevent third-party data mining companies from abusing the trust of its users, here are some practices Robert suggests users follow in order to protect their personal data on Facebook.
• Avoid linking third-party apps with your Facebook account, if you can. Most third-party apps allow users to sign up using their Facebook account. While this reduces the number of individual usernames and passwords a person has to remember, it usually results in those apps having access to personal Facebook data that can be used for marketing purposes.
Some websites, like the home sharing app Airbnb, are an exception. Security is a big concern with Airbnb, since users are opening their homes to other users, so the company takes extra measures to verify people are who they say they are. Linking users’ Airbnb accounts with their Facebook accounts makes it easier for them to provide that necessary information.
While it makes sense for Airbnb, it doesn’t necessarily make sense for other apps to have the same unlimited access to that information.
• Avoid taking quizzes through Facebook. Robert warns that many of the seemingly innocent questions users are asked in quizzes over Facebook provide valuable information to marketers.
“The questions that they’re asking are actually marketing qualification questions,” Robert said. “They’re using the questions in that quiz setting to give them more insight into the types of behaviors and personality traits of their ideal target audience.”
Plus, the terms and conditions users agree to in order to participate in quizzes usually give the app liberal access to the rest of the personal data they share on Facebook.
• If you do engage with a third-party app through Facebook, or you link an external account to Facebook, make sure you read the terms and conditions of that third-party app. Some of the terms are mandatory, but most aren’t. Users can often deny a third-party app many of the permissions it’s asking for, while still using the app.
“I think the consumer has to take some responsibility and actually understand what they’re agreeing to,” Robert said.
• Keep track of all of the third-party apps you’ve linked to your Facebook account by going to your App Settings page on Facebook. It’ll show which app accounts are linked to your Facebook account, and what their permissions are.
On this page, users can either completely unlink third-party apps from their Facebook accounts, or change permission settings for each app. Beware though, changing permissions after a company has accessed your data won’t remove that data from their database.
• Limit the amount of information you include on your Facebook profile in general. When you list interests on your profile like causes, bands, books, films and more, that information is provided by Facebook to advertisers through Facebook’s Audience Insights tool.
That’s part of the terms and conditions when you sign up to join Facebook. If you don’t want that information in the hands of advertisers, proactively manage or remove your interests on Facebook.
• Use the tools Facebook makes available to users. In addition to a providing a list of the third-party apps users’ accounts are linked to, Facebook allows users to monitor their relationship with advertisers on the app.
“I think Facebook is doing a lot by giving you that list and allowing you to cherry-pick what information you’re giving people,” Robert said. “And making it fairly clear in front of you how to go about doing that and selecting the information you’d like to provide these advertisers and data collection companies.”
If you know where to look, you can see the interests associated with your account — including pages you’ve liked — that advertisers can see. You can also see which advertisers you’ve interacted with and how they’ve managed to target you, whether by using your voluntarily provided personal details, or because you visited their app or website.
To learn where to find these tools and how to use them, watch this video.