Even if you’re a hardcore #DeleteFacebook-er, you’re probably guilty of using your worn out Facebook account to log into the occasional app—just for the convenience factor alone. Now, the company’s offering a bit more insight into how these tools function.
In a company blog post announcing the “Login Notifications” rollout, software engineer Puxuan Qi explained that users will now receive notifications to remind them that third parties have a glimpse into their information and that controls are available to restrict how much of your personal data they can collect. The notifications will come via a nudge from the Facebook app and an associated email every time the user:
Logs-in to a third-party app with Facebook Login and grants the app access to their information.
Re-uses Facebook Login to sign into a third party app after an app’s access to information has expired.
Qi was also quick to note that these alerts will give Facebook users “a clear path” to edit the data-sharing settings for third-party apps.
It’s a rollout that accomplishes two things simultaneously. First, it plays into the company’s push to clean up its bad reputation when it comes to conversations about privacy. (And maybe it can even manage to be perceived as a good guy… someday.)
Second, it serves as a reminder that Facebook isn’t just the Big Blue App, nor is it just its subsidiaries, Instagram and Whatsapp. Rather, Facebook plays a major role in the internet’s basic architecture. The Facebook Login button, for example, is a basic convenience that’s populating the pages of more than sixty thousand sites across the web, according to the analysis tool Builtwith. When you start looking at other tools, like the Facebook Pixel, that number racks up to more than two million sites. And none of this is even touching the untold number of apps using similarly basic analytics tools like the Facebook Software Development Kit, or SDK.
What’s somehow more ironic is that even if you don’t agree to these services, Facebook is still collecting data about you. As the company explained in a 2018 blog about its offsite data collection practices:
We use your IP address, browser/operating system information, and the address of the website or app you’re using to make these features work. For example, knowing your IP address allows us to send the Like button to your browser and helps us show it in your language. Cookies and device identifiers help us determine whether you’re logged in, which makes it easier to share content or use Facebook to log into another app.
While this explanation is perfectly innocuous, it still highlights the fact that the sheer act of visiting a website or opening an app with one of these tools (or others!) installed means that your IP address (and more!) are shuttled through Facebook’s vast data collection enterprise. It doesn’t look this update will touch that in the least.