LONDON—Facebook has changed the fine print in its terms of service to clearly explain to users that it makes money by using their data, the European Commission said on April 9.
The social media giant modified its terms and conditions to better inform users what they are signing up for, the commission said. The new wording will clearly explain how Facebook uses the data it collects on users to develop profiling activities and target advertising to “finance” the company, it said.
The company made the changes after discussions with the commission and European consumer protection authorities. EU regulators stepped up scrutiny of Facebook’s terms after the Cambridge Analytica data privacy scandal, in which data on 87 million Facebook users was allegedly improperly harvested. They also want tech companies to bring their terms in line with European consumer law.
If Facebook wants to restore consumer trust after the scandal, it “should not hide behind complicated, legalistic jargon on how it is making billions on people’s data,” European Union Consumer Commissioner Vera Jourova said in a statement.
“Now, users will clearly understand that their data is used by the social network to sell targeted ads,” she said.
The changes are part of broader global efforts to rein in social media companies amid concerns about privacy breaches, harmful content, and other online abuses.
Facebook said it’s not changing the substance of its terms, just improving how it describes things.
The changes will take effect worldwide, in another sign of how stricter EU rules on tech companies are being felt globally.
“We’ve been doing a lot of work this year to better explain how Facebook works, what data we collect, and how we use it. As part of these ongoing efforts, we’ll be updating our Terms of Service to be more clear about how Facebook makes money,” the company said in a statement.
The new terms explain that Facebook is free for users in return for sharing their data and exposing them to ads.
Other changes include outlining services Facebook sells to third parties based on user data and letting users know how they can close their accounts and under what reasons their accounts can be disabled.
Facebook is expected to make all the changes by the end of June. If it doesn’t, the commission said it can use enforcement measures, including unspecified sanctions.
Report: Apps Give Facebook Sensitive Health and Other Data
NEW YORK—Several phone apps are sending sensitive user data, including health information, to Facebook without users’ consent, according to a report by The Wall Street Journal.
An analytics tool called “App Events” allows app developers to record user activity and report it back to Facebook, even if the user isn’t on Facebook, according to the report.
One example detailed by the Journal shows how a woman would track her period and ovulation using an app from Flo Health. After she enters when she last had her period, Facebook software in the app would send along data, such as whether the user may be ovulating. The Journal’s testing found that the data was sent with an advertising ID that can be matched to a device or profile.
Although Facebook’s terms instruct app developers not to send such sensitive information, Facebook appeared to be accepting such data without telling the developers to stop. Developers are able to use such data to target their own users while on Facebook.
Facebook said in a statement that it requires apps to tell users what information is shared with Facebook and it “prohibits app developers from sending us sensitive data.” The company said it works to remove information that developers should not have sent to Facebook.
The development comes as Facebook is dealing with increased scrutiny over how it handles user data. Last week, British lawmakers issued a scathing report calling for tougher privacy rules for Facebook and other tech firms.
Criticisms over privacy intensified nearly a year ago following revelations that the now-defunct Cambridge Analytica data-mining firm accessed data on some 87 million Facebook users without their consent. The U.S. Federal Trade Commission has been investigating that as well and is reportedly in negotiations with Facebook over a multibillion-dollar fine.
The data-sharing is related to a data analytics tool that Facebook offers developers. The tool lets developers see statistics about their users and target them with Facebook ads.
Besides Flo Health, the Journal found that Instant Heart Rate: HR Monitor and real-estate app Realtor.com were also sending app data to Facebook. The Journal found that the apps did not provide users any way to stop the data-sharing.
Flo Health said in an emailed statement that using analytical systems is a “common practice” for all app developers and that it uses Facebook analytics for “internal analytics purposes only.” But the company plans to audit its analytics tools to be “as proactive as possible” on privacy concerns.
Hours after the Journal story was published, New York Gov. Andrew Cuomo directed the state’s Department of State and Department of Financial Services to “immediately investigate” what he calls a clear invasion of consumer privacy. The Democrat also urged federal regulators to step in to end the practice.
Securosis CEO Rich Mogull said that while it is not good for Facebook to have yet another data privacy flap in the headlines, “In this case it looks like the main violators were the companies that wrote those applications,” he said. “Facebook, in this case, is more the enabler than the bad actor.”
By Mae Anderson