“It has become second nature to connect various apps like Instagram, SocialCam, Angry Birds, CityVille, and Spotify to your Facebook ID. You just click ‘agree’ without even really knowing what you are agreeing to. What you don’t realize is that social apps linked to your Facebook profile can pretty much track your and your friends’ whole life.”
This quote, from Christian Sigl (co-founder of secure.me, which is now part of AVAST), originally appeared in Mashable in September, 2012.
Back then, we wanted to give users a heads-up and create awareness to think twice before sharing personal data with apps – regardless if via smartphone or the Web. Part of the message was that you never know what can happen with your data and in whose hands it could end up in. Today, we know where the data went: The NSA and its British counterpart, GCHQ, have accessed data from Angry Birds and other smartphone and tablet apps, including sensitive information like age, location, education level and sexual orientation. The data accessed was collected directly from phones including geolocation, handset model, handset ID, software version and more – but personal information like sexual orientation, age and education level probably came from social media connect options.
Rovio, the company behind Angry Birds, has reacted and denied that they provide data to the NSA. Instead, they point out that they will rethink relationships with the ad networks they work with. “The alleged surveillance may be conducted through third party advertising networks used by millions of commercial web sites and mobile applications across all industries”, Rovio announced.
Regardless of how this data landed on NSA desks, giving away your customer’s personally identifiable information to a third-party organization is never a good move.
Users couldn’t really have done anything to avoid their data from ending up with the NSA, the only preventative action that could have been taken would have been limiting the amount of personal data that could be collected from social networks. Social network data isn’t meta data, this is information people share voluntarily. So of course, we know today that the NSA can access very sensitive and personal information if they want to – they will find a way if you’re of interest to them. Most of us aren’t though and one thing you can do to limit the amount of data that’s collected is to avoid online oversharing with apps and social networks.