This weekend news broke that a data breach of 50 million Facebook profiles was used by the data analytics firm, Cambridge Analytica, to assist the Donald Trump campaign. The news is worrisome for several reasons, and it speaks to a problem that digital rights and privacy advocates have been advocating against for years--the need for stronger user data protections and accountability for social media companies.

Facebook users’ personal information, such as likes and status updates, were used to build profiles of users in order to predict their electoral behaviour. The data breach happened through a personality test app called “thisisyourdigitallife”. Like most apps we connect to our social media, it was far from innocuous as the intrusive application, once given permission, harvested personal data of users. Furthermore, the application also collected information of the test-takers’ Facebook friends. The ostensible justification for collecting the data was to improve the user experience and was allowed by Facebook’s “platform policy”.

We all volunteer a lot of information on social media, however there is a serious lack of transparency on how this information is being collected, stored and used. One of biggest sources of data breaches are the applications we give permissions and access to--they are a source of constant collection and surveillance.

The following is step-by-step guide on how to secure your social media accounts and prevent third-party applications for harvesting your data:

1. Login to Facebook with your username and password
   

   ---

   
   

2. Click the drop down icon next to the Help icon
   

   ---

   
   

3. On left side Click Apps. You will be presented with apps that are currently using your Facebook credentials to sign in
   

   ---

   

4. Clicking on any app you will be presented with the settings of that app. In this example, we will use Careem and see what sort of settings are available
   

   ---

   

The options presented by Careem are as follows. Some details of these options are:

• App Visibility. This setting simply allows the audience for the app. In the screenshot it’s selected to “Only Me” meaning only the owner of the profile can see that the app is being used. If changed to “Friends” then only friends will be able to see that the owner of this profile uses this app

• Public Profile. This app is currently accessing my Name, Profile Picture, Age, and Gender which is required by the app for registration purposes. You can see this information in Careem app as well. Your basic info is being picked directly from your profile when you sign up for the app using your Facebook credentials.

• Email Address: Email address accessed by the app for signing in purposes.

• Notifications are enabled if I use Careem directly from Facebook app.
  

  5. To revoke access simply click the “x” sign and click on remove button

  ---

  
  

Authored by Shmyla Khan and Hamza Irshad