Alarming new research has found supposedly private user data is being shared between Facebook and thousands of companies through hidden tracking techniques.
In the study, users downloaded a three year span of data from Facebook which found that on average, each individual had their data shared by 2,230 companies.
While the individuals who submitted their data for this research were not demographically adjusted, they are of a demographic group that is more inclined to be privacy conscious, hinting that the average Facebook user’s data may have been shared far wider.
Data is the new oil, and you're leaking more than you think
The research was conducted by Consumer Reports, a non-profit, independent organization seeking to provide transparency on how consumer data is used, and found that for the 709 volunteers who submitted their data there were 186,892 companies that shared their data with Facebook.
The data was collected using Facebook’s own transparency tools which provided the researchers with a unique look into how data is transferred from a company’s servers to Meta’s servers in an incognito form of tracking called “server-to-server.”
While many companies commonly observed in the top 100 list for each user included brands such as Amazon, Walmart, and Home Depot, there were also over 7,000 companies listed in the data which had unreadable names written with random letters and numbers. Moreover, a number of companies listed in the data had very generic names that could be referring to several very different companies.
The data gathered was split into two identifiable categories known as ‘events’ and ‘custom audiences.’ The first kind is data collected from user interactions with a brand or organization collected by a Meta tracking pixel when a page is visited or a product is purchased. The second form of data is collected to create audiences with similar interests to be targeted by advertisements on Facebook.
In a statement to The Markup, Meta spokesperson Emil Vazquez said, “We offer a number of transparency tools to help people understand the information that businesses choose to share with us, and manage how it’s used.” However, The Markup points out that there are several hoops to jump through in order to reach this data through Facebook’s settings.
The Markup also spoke to Caitriona Fitzgerald, Deputy Director of the Electronic Privacy Information Center on the topic of server-to-server tracking, with Fitzgerald stating that “This type of tracking which occurs entirely outside of the user’s view is just so far outside of what people expect when they use the internet. They don’t expect Meta to know what stores they walk into or what news articles they’re reading or every site they visit online.”
Consumer reports concluded their research with a number of policy recommendations including implementing data minimization provisions so that companies only collect the bare minimum amount of data needed to provide a service, provide streamlining tools for opt-out requests by implementing an authorized agent to process opt-out requests on behalf of consumers, and providing greater scrutiny over the types of adverts that can be shown to consumers on Facebook to eliminate scams and fraudulent advertisements.
More from TechRadar Pro
- Take a look at our guide to the best data recovery software
- Want some privacy? Here are our rankings of the best privacy tools and anonymous browsers
- Emerging trends in data breaches and how to address them
Are you a pro? Subscribe to our newsletter
Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!
Benedict Collins is a Staff Writer at TechRadar Pro covering privacy and security. Before settling into journalism he worked as a Livestream Production Manager, covering games in the National Ice Hockey League for 5 years and contributing heavily to the advancement of livestreaming within the league. Benedict is mainly focused on security issues such as phishing, malware, and cyber criminal activity, but he also likes to draw on his knowledge of geopolitics and international relations to understand the motives and consequences of state-sponsored cyber attacks.
He has a MA in Security, Intelligence and Diplomacy, alongside a BA in Politics with Journalism, both from the University of Buckingham. His masters dissertation, titled 'Arms sales as a foreign policy tool,' argues that the export of weapon systems has been an integral part of the diplomatic toolkit used by the US, Russia and China since 1945. Benedict has also written about NATO's role in the era of hybrid warfare, the influence of interest groups on US foreign policy, and how reputational insecurity can contribute to the misuse of intelligence.
Outside of work Ben follows many sports; most notably ice hockey and rugby. When not running or climbing, Ben can most often be found deep in the shrubbery of a pub garden.