Following the US Congressional hearing last week where CEO Mark Zuckerberg was grilled about Facebook’s data gathering and sharing practices, the social media network is trying to limit the damage by explaining how its various data collection policies work. In an official blog post, published on 16 April, Facebook throws light on the purpose and nature of data it is collecting from third party websites and apps which are using their various engagement tools.

These include Social Plugins (like and share buttons), Facebook Logins (it allows users to login to third party apps and websites with their Facebook account), Facebook Analytics (helps websites and apps identify their most engaging content) and Facebook Ads (shows ads from Facebook advertisers on third party apps and websites). Every time users visit one of the websites or apps which use any of these tools, Facebook collects information about them.

When a user visits a website, the web browser has to share some amount of user data with them such as IP address so it knows where to send the data and the OS (operating system) it is running on as the layout and content varies from one OS to another. It also shares Cookies with websites. Cookies are files created and saved by websites based on users’ browsing history. It allows them to respond quickly to repeat requests by users.

This means that if a website embeds any of the engagement tools by Facebook, the social media network also gets access to the user data shared by the browser with the website.

David Baser, Facebook’s product management director, claims that Facebook isn’t the only company that offers such tools and has access to user data. “Twitter, Pinterest and LinkedIn all have similar Like and Share buttons to help people share things on their services. Google has a popular analytics service. And Amazon, Google and Twitter all offer login features. These companies and many others also offer advertising services," adds Baser.

According to the blog, Facebook has updated its privacy policy making it a lot easier to understand how it is using the user data collected from other apps and websites. It also claims that Facebook doesn’t sell user data to anyone.

Social plugins and logins give Facebook access to users’ IP address and browsing habits though cookies. When a user clicks on a like button on a website or app, for the data to reflect on the website, Facebook has to send it to the browser and for that it needs the IP address. Cookies help them find whether the user is logged into Facebook or not.

Facebook Analytics provides developers information on how people are spending time on their websites and apps. Here cookies allow them to count the number of unique visitors and recognise those who have also got an account on the social network. Information on browser and operating system is relayed back to the developers to keep them updated about the platform from where it is getting more traction.

The advertisement tool allows Facebook to share statistics on how many people are responding to an ad with the advertising companies.

Facebook also revised the social login rules for third party apps, last week. Now it restricts apps from accessing users’ personal data if the app has not been used by them for more than three months.  

Close