New York investigating at least eleven iOS apps for transmitting personal data to Facebook, including ‘sexual activity’

“A New York regulator is ramping up a promised investigation of how Facebook Inc. gathered sensitive personal information from popular smartphone applications, after a report by The Wall Street Journal revealed that some apps were sending the social-media giant data, including users’ body weight and menstrual cycles,” Sam Schechner reports for The Wall Street Journal. “The state’s Department of Financial Services on Wednesday sent a series of letters seeking information and documents from Facebook and the developers behind the at least 11 apps mentioned in the Journal’s reporting, according to a person familiar with the investigation.”

“The evidence-gathering is the first concrete step in an investigation that New York Gov. Andrew Cuomo ordered last Friday, just hours after the Journal report, which found that the 11 apps were sending intensely personal information to Facebook as soon as it was entered by users or recorded by the app — regardless of whether the user logged in via Facebook or was a member of the social network,” Schechner reports. “New York’s investigation adds to mounting scrutiny from regulators of Facebook’s privacy practices. Last year, the U.K.’s privacy regulator fined Facebook GBP500,000 ($665,000) for allowing political data firm Cambridge Analytica to access data on tens of millions of Facebook users. The U.S. Federal Trade Commission is currently also investigating the company. On Thursday, Ireland’s privacy regulator said that it has 10 open investigations into whether Facebook or its subsidiaries have violated the European Union’s new privacy law, called GDPR.”

“The Journal found 11 popular apps — including six of the top 15 health-and-fitness apps in Apple Inc.’s U.S. App Store — were using a software-development kit, or SDK, provided by Facebook to send the social network data including users’ heart rate or blood pressure,” Schechner reports.

On February 24th, Schechner reported for the Journal, “A popular food- and exercise-logging app, Lose It! stopped sending Facebook sensitive personal information, Sunday’s test showed. In earlier tests, the app had been sending Facebook the weight users logged, along with how much they had gained or lost, and the caloric content of every food item they logged. It also sent the caloric value of every exercise logged: When a user entered having completed 45 minutes of ‘sexual activity’ during one test, the app sent that information to Facebook along with an estimate of how many calories the activity burned.”

Read more in the full article here.

MacDailyNews Take: As we’ve said ad infinitum, Facebook is an evil outfit that’s constantly up to no good and utterly bereft of a moral compass.

Facebook employees should be ashamed.

If Facebook disappeared tomorrow, the world would be a better place.MacDailyNews, January 30, 2019

We use FaceBook as an RSS feed. Our CMS automatically reposts our article headlines and links them back to our website. That is our only interaction with Facebook and has been our only interaction with Facebook for years. We deleted our personal accounts [which we opened only so we could understand the Facebook phenomenon] many years ago.

If you want to share photos and videos with friends, text them using Apple’s end-to-end encrypted iMessage service. You need to control your social networking, not cede it to a gatekeeper like Facebook. – MacDailyNews, March 19, 2018

If you haven’t already (as if you haven’t seen and heard more than enough), as we’ve been advising for years: #DeleteFaceBook!

As we wrote last May, “If you trust Mark Zuckerberg to be the keeper of your photos, contacts, political views, religious beliefs, etc., you’re batshit insane.”

Instant messages sent by Mark Zuckerberg during Facebook’s early days, reported by Business Insider in May 2010:

Zuckerberg: Yeah so if you ever need info about anyone at Harvard
Zuckerberg: Just ask
Zuckerberg: I have over 4,000 emails, pictures, addresses, SNS
[Redacted Friend’s Name]: What? How’d you manage that one?
Zuckerberg: People just submitted it.
Zuckerberg: I don’t know why.
Zuckerberg: They “trust me”
Zuckerberg: Dumb fucks

These apps are stealing your most private data and it should be a crime – February 25, 2019
You give apps your sensitive personal information, then they tell Facebook, even if you have no connection to Facebook – February 22, 2019
Apple blocks Facebook from running all of their internal iOS apps by revoking distribution certificate – January 30, 2019
Apple bans Facebook’s ‘research’ app that paid teens to install VPN that spies on them – January 30, 2019
Hidden documents reveal how Facebook made money by bamboozling children – January 18, 2019
Roger McNamee: I mentored Mark Zuckerberg. I loved Facebook. But I can’t stay silent about what’s happening. – January 17, 2019
Apple CEO Cook calls for U.S. Congress to pass comprehensive federal privacy legislation in TIME op-ed – January 17, 2019
Senator Marco Rubio introduces privacy bill to create federal regulations on data collection – January 16, 2019
Apple endorses comprehensive privacy legislation in U.S. Senate testimony – September 26, 2018
Trump administration working on federal data privacy policy – July 27, 2018

[Attribution: 9to5Mac. Thanks to MacDailyNews Reader “Fred Mertz” for the heads up.]


  1. I thought Apple controlled what Apps can do and not do. I know Apple has banned Apps that support things like pro-life citizens. Is Apple letting Facebook routinely violate is supposedly sacred privacy principles? If this has been done then Facebook should be banned from the App Store. It’s not complicated, if Apple truly believes in privacy.

    1. Apple can manage what data an app can get from the iPhone (location, camera, etc.), but anything you provide to an app directly is theirs (that data is not usually residing “in” the app anyway, it’s off to their servers within fractions of a second).

      I think that’s what many people are missing. App data isn’t app data. It’s cloud data. And with a lot of apps, do you even know who is running the server with your data? Do you have any idea what their business model demands they do with your data?

      1. That’s not what Apple claims.

        One should ask whether they should continue blindly trusting any company with personal data in any cloud. That includes Apple. If an Apple device can’t even inform the user when his data is fast tracked to Zuckerberg, then Apple cannot be trusted. Obviously there are major issues with Apples app review, data management on device, data sandboxes and transfer, as well as basic user alerts and information.

        This stuff isn’t hard. The problem is that Cook doesn’t bother to work on it if it doesn’t make him millions in subscription revenue. That’s one more reason not to trust the pipedream Apple sells. Your data is neither secured nor private when apps can do this on iOS devices.

        1. You are wrong. Completely wrong. That is exactly what Apple claims with respect to its iOS devices. Apple restricts the data that third parties can collect without your permission. For example, an app cannot use your location data or access your contacts unless you explicitly give permission.

          However, if you voluntarily enter personal data into an app or website, then the burden is on you. How is Apple supposed to control information that you send to someone else?! That is collected and processed on another server?! Get a frigging clue about how the world works!

          What’s next? Are you going to hold Apple responsible when you whisper a secret to a friend over your iPhone and that person blabs you secret to everyone? You need a strong dose of logic and personal responsibility.

  2. I think Facebook will just use the defense that they’re a marketing / data company, and the fault, if any, lies in the EULA of the app and/or phone ecosystem. To be clear, I don’t agree with that at all, but if data is sold on the open market, then Facebook is just like any other company in purchasing the data. Now, if proven that FB did shady stuff to get the data – and I wouldn’t be at all surprised – then all of the above is moot.

Reader Feedback

This site uses Akismet to reduce spam. Learn how your comment data is processed.