Will Facebook really be closed

How to prohibit apps on Facebook from accessing your data

It's practical: Don't create a new account with the newspaper's ePaper, just use the Facebook login. Or funny: to find out which animal you could be reborn as. Facebook offers such opportunities. This usually requires small applications that run on Facebook and are called apps in the social network. Do you know how many apps you have activated on Facebook and which of your data they access? Not to mention what the providers of these apps do with your data ...

The first tip sounds succinct: Use only those applications that you really need and find out what happens to your data (for example in the provider's privacy policy).

Tip two: In the Facebook settings (login required) you can regulate what such apps are allowed to do with the information in your Facebook profile and which of your Facebook data they are allowed to access. It works like this:

Setting the apps on Facebook on the smartphone / tablet

  • Open the Facebook app on your phone or tablet (if installed).
  • Open the "burger menu" (the three horizontal lines).
  • Swipe up and tap Settings & Privacy.
  • Tap on "Settings".
  • If necessary, swipe up a little and tap on "Apps and websites" (this link will also take you directly there).
  • You will see a box that says “Signed in with Facebook”. There tap on "Edit".
  • If you use applications on Facebook, these will now be listed.
  • You can tap any individual app. There you will then be listed which of your profile information the application is allowed to access and who can see on Facebook that you are using this app.
  • If you no longer want to use the app, swipe up and tap "Remove app" at the very bottom of the page.

Setting the apps on Facebook on the PC

  • After logging into Facebook, click the circle with the triangle in the top right corner.
  • Click Settings and Privacy, then Settings.
  • Click on "Apps and websites" in the left navigation bar (this link will also take you there if you are logged into Facebook in another browser window).
  • The running apps are displayed in boxes. Click on this to see the app's permissions and, if necessary, to change them or to remove the application.

Set access rights for apps on Facebook

If you now see that you have activated apps on Facebook, you can manage the permissions for data access. For each app, it is shown individually which of your Facebook data it can access. Most should require "Public Profile". You may be able to remove many other checkmarks (such as "publish content on your behalf"). Of course, the application may then no longer work as it should. However, we recommend allowing as little as possible. If a checkmark cannot be removed and you do not want to allow the application to access the data or function, you ultimately have no choice but to remove the app.

Incidentally, Google also offers its users an overview that is comparable to that of Facebook. There the area is called "Apps with Account Access".

What apps could do with your information

There are apps that comment, like or even write other posts on your behalf. There are known cases in which Facebook users suddenly advertise fake shops in posts without knowing or wanting to.

In addition, the app operators can also use the data received for their own purposes in the background. Example: You have given an app access to its public profile and are showing your relationship status publicly. The app can collect this information and send it to the operator. This could, among other things, learn

  • whether you are in a relationship,
  • what sexual orientation you have.

This is important personal information. Sexual orientation, for example, is particularly worthy of protection under current data protection law. That means: if you want to know that from you, you must have a special interest in it and be able to justify it. And you usually have to give your express consent to their use.

What could happen to it? Not only are advertisements conceivable that are tailored precisely to you and thus seduce you into making a purchase even more easily. It can be worse in other countries, where certain sexual orientations are punishable. In addition, personal data such as e-mail addresses and mobile phone numbers can be collected in this way and published as a so-called leak. This is what happened at Easter 2021, for example. The scandal surrounding Facebook and the British consulting firm Cambridge Analytica shows that data obtained in this way can also be used to influence your decisions and even manipulate elections.

"Apps used by other users"

Until the beginning of April 2018, Facebook also offered the option of users being able to determine which of their data could be accessed by apps that their friends had activated. "Apps used by other users" was the name of the area that has since been removed. According to Facebook, apps are generally no longer allowed to access information from friends. Cambridge Analytica had taken advantage of this opportunity with an app called "This Is Your Digital Life".


Larger data breaches with Facebook apps

Several breakdowns have come to light in the past in connection with apps that run on the Facebook platform. Examples:

530 million Facebook user data published

On the Easter weekend of 2021, a report shocked numerous Facebook members: Personal data of more than 530 million of them are said to have been published on the Internet. This should also include data from around 6 million users in Germany. According to media reports, they were probably captured via a security hole that Facebook claims to have closed in August 2019. At that time, mobile phone numbers from Facebook profiles, among other things, were unencrypted. A few days after the so-called leak became known, Facebook stated that the information was probably collected through scraping (i.e. the automated collection of publicly available data). As described above, apps create the possibilities for this.

267 million Facebook user data openly online

Between December 4 and 19, 2019, the personal data of 267 million Facebook users was unprotected on the Internet. The data sets contained, among other things, user names, Facebook ID, telephone numbers, said security researcher Bob Diachenko on Twitter. The data could have been collected through misuse of Facebook interfaces (API) and used, for example, for phishing or SMS spam.

App developers stored data publicly on Amazon

On April 3, 2019, it became known that the Mexican company Cultura Colectiva had stored various user data in a publicly accessible manner on Amazon's cloud servers. The US media reported that 540 million records were there and were removed after they became known. The developers of an app called "At the Pool" also saved 22,000 records publicly - including passwords and e-mail addresses. The data leaks did not occur directly on Facebook, but they show that the social network does not appear to have extensive control over developers for apps that run on the Facebook platform. This case is reminiscent of the scandal surrounding the British consultancy Cambridge Analytica in March 2018.

Data breach with photos

On December 14, 2018, Facebook announced in a blog post that app developers had the opportunity to access photos from around 7 million users, even if they were not uploaded publicly. The data leak existed from September 13 to 25, 2018. Facebook users can check a special help page to see whether they are affected.

If you want to end your Facebook membership, you can delete your profile on the following page: https://www.facebook.com/help/delete_account

This means that your profile and all your details can no longer be found by others. However, it is unclear whether all of your data will really be irrevocably deleted from the Facebook servers.

This content was created by the consumer advice center North Rhine-Westphalia for the network of consumer advice centers in Germany.