Facebook has had yet another app leaking information about its users. The myPersonality app was found to have leaked the data of 4 million users to researchers and companies alike. The company has been auditing apps since the Cambridge Analytica debacle.
Today we banned myPersonality — an app that was mainly active prior to 2012 — from Facebook for failing to agree to our request to audit and because it’s clear that they shared information with researchers as well as companies with only limited protections in place. As a result we will notify the roughly 4 million people who chose to share their Facebook information with myPersonality that it may have been misused. Given we currently have no evidence that myPersonality accessed any friends’ information, we will not be notifying these people’s Facebook friends. Should that change, we will notify them.
Since launching our investigation in March, we have investigated thousands of apps. And we have suspended more than 400 due to concerns around the developers who built them or how the information people chose to share with the app may have been used — which we are now investigating in much greater depth.
It’s also why we’ve changed many of our policies — such as our expansion of App Review and our new policy that no information will be shared with apps if you haven’t used them in 90 days. We will continue to investigate apps and make the changes needed to our platform to ensure that we are doing all we can to protect people’s information.
Cambridge Analytica and myPersonality represent apps with large percentages of data leaks but there are other smaller ones as well. It’s likey that myPersonality isn’t the last app that Facebook is going to announce as having leaked millions of users data.