The American technology giant Facebook has started blocking sensitive health information that third-party apps had been sharing with the social network in violation of its own rules, said New York officials who investigated the situation.
According to a recent report issued by the New York financial services department, data fed into a Facebook analytics tool by app makers included medical diagnoses and information such as if the users were pregnant.
“Facebook instructed app developers and websites not to share medical, financial, and other sensitive personal consumer data but took no steps to police this rule. By continuing to do business with app developers that broke the rule, Facebook put itself in a position to profit from sensitive data,” state financial services superintendent Linda Lacewell said.
Usually, users’ information from apps is shared with Facebook through a tool that gives the developers free analysis of data to guide them to make improvements in apps, according to the investigation launched last year.
In response to the inquiry, a Facebook spokeswoman stated that “Our policies prohibit sharing sensitive health information and it’s not something we want. We have improved our efforts to detect and block potentially sensitive data and are doing more to educate advertisers on how to set-up and use our business tools.”
Meanwhile, the report cited the example of Flo Health app used for tracking menstruation and fertility by more than 100 million people will notify Facebook each time a user logged in. Such sharing violated Facebook policy but went unchecked by the California-based internet giant, the investigator concluded.
As per the report, Facebook has created a list of terms blocked by its systems and has been refining artificial intelligence to filter those sensitive data that are not accepted in the analytics tool. The blocklist contains over 70,000 terms, including diseases, bodily functions, medical conditions, and real-world locations such as mental health centers.
The report endorsed a data privacy law proposed in the state by the governor that would expressly protect health, biometric, and location data as well as create a Consumer Data Privacy Bill of Rights.