Facebook
A new study has found that more apps actually send user data to Facebook without asking permission from users. Getty Images/Oli Scarff

User data is still not safe with Facebook and many other apps. A recent study has found that many popular Android apps have been secretly sending private data to Facebook without asking permission from users.

Privacy International disclosed in its study shared via a paywalled Financial Times article that at least 20 out of 34 popular Android apps are sending personal data to Mark Zuckerberg’s social network without asking permission from users. Some of the apps that were identified in the report were TripAdvisor, MyFitnessPal, Skyscanner and Kayak.

Aside from oversharing sensitive information, another big concern that the report pointed out was the likelihood of these apps violating the EU’s GDPR (the General Data Protection Regulation) privacy rules. This is because the identified apps are transmitting user info without consent and for potentially identifying users’ identities.

User data shared to Facebook by these apps include analytics, Android ID, and many others. For instance, Kayak, which is a travel search engine, was found to be sending flight and destination search data, travel dates and even information on whether or not a user is bringing kids along to a flight. The controversial apps can also identify users based on the apps they have installed and if they typically travel around with the same person, as pointed out by Engadget.

Among the apps that were identified in the study, Skyscanner insisted that it was “not aware” that it was sending user data without consent. It’s possible that the app could still be using an older version of Facebook’s developer kit. Facebook only came up with the option to ask for permission after GDPR was implemented, so those that are using the newer version can only send data to Facebook once the user has permitted it.

Facebook has been in hot water since early last year when it was revealed that the company exposed data of around 87 million users to a Cambridge Analytica researcher, who was working for the Trump campaign. The data breach eventually caused the political consulting firm to shut down and it also tarnished Facebook’s reputation badly, as per Vox.

In September, Facebook’s privacy problems escalated severely when 50 million user accounts were exposed to a vulnerability that enabled attackers to directly take over user accounts, Wired first reported. Facebook managed to quickly patch the vulnerability, and the company has since been doing its best to secure accounts and protect users from data breaches and vulnerabilities.