Stop Facebook, Twitter & Google giving away your data
Make sure companies aren’t getting access to your personal data with our site-by-site guide
Barely a day passes without apps or services seeking permission to access your data. Mobile app updates constantly seek permission to do more, websites want access to your Facebook or Twitter accounts, browser plugins want access to your Gmail. Before you know it – and often you don’t – there are dozens of third parties with access to your contacts, friends’ details and other sensitive information. And there’s no telling what they’re doing with it.
Whilst it’s almost impossible to put the genie back in the bottle – once someone has your data it’s very difficult to get it back – it is good practice to constantly audit who has access to your social media and email accounts, and strike off anybody who no longer needs it. Here, we show you how to control access to your data on the leading social media and mobile platforms.
Facebook app permissions
Third parties normally get access to your Facebook data for one of two reasons: you’ve used your Facebook credentials to log into their service or the app sucks in data from Facebook (so you can play against other friends in games such as Scrabble, for instance).
As Facebook explains, “your name, profile picture, cover photo, gender, networks, username, and user ID are always publicly available, including to apps. Apps also have access to your friends list and any information you choose to make public.”
If you want to see which apps are sucking out your personal data, visit the Facebook settings menu and select Apps from the left-hand menu. You’ll then get a list of all the apps you’ve used that have logged in with Facebook. You may need to click the Show All link at the bottom to get the full list. You can click on each app to see what information it gets, and click the little X button that appears when you hover over an app to revoke its ability to harvest your data.
Twitter app permissions
In the same vein as Facebook, Twitter is often used as a means of logging-in to apps or because apps (such as TweetDeck, Flipboard or even Apple’s Siri) pull information from your Twitter account or post to it on your behalf. Again, it’s easy to lose track of how many apps you’ve granted such permissions to.
To find out which apps have access to your account, go to the Twitter website, click on your profile pic in the top right corner and select Settings. Choose Apps from the list down the left, and you’ll get a full list of apps with access to your data. You can remove any of them by clicking the Revoke Access button next to their entry, unless it’s an iOS app.
Here, you have to go into the Settings menu on your iOS device, Find the Twitter entry and revoke the access for the particular app there. What if you no longer own the iOS device the app was installed on? Now you’re in a bind. The only way to bar access to apps on defunct devices is to revoke access to iOS entirely from the website’s settings. It’s all or nothing. To say that’s unsatisfactory is a mild understatement.
Google app permissions
An increasing number of apps use your Google credentials as a means of registration. There are also mail clients, calendar apps and web services such as IFTTT.com that might require access to your Google account to perform certain functions. Given that some of these apps get the right to view and manage your email, which could contain some highly sensitive information, you should make damned sure you know who you’re giving it to.
Go to https://myaccount.google.com and login with your Google account details. Scroll down to Connected Apps and Services and click View All. The full list of services with access to your Google account will appear, and you can click on each one to see what data they are privy to. You can boot out any of these apps by clicking on them and then selecting Revoke Access in the top-right corner.
If you use Google’s two-step verification, which doesn’t allow anyone to use your Google account details to sign into apps without first entering a code that’s sent to your mobile phone, you can also revoke passwords for specific apps here, too. There’s a link that allows you to review and revoke these app passwords at the bottom of the page. Expunge any that you no longer need to minimise the risk of your data falling into the wrong hands.
Microsoft/Windows app permissions
Plenty of Windows 8 apps demand access to your Microsoft account – perhaps more than you realise when you blithely click through the permissions warnings pre-installation. For many games, this is nothing more than having access to your Xbox Live account, so that it can post details of achievements. Other apps may have access to Microsoft email accounts, contacts and other personal data, however.
To check which apps have access to your Microsoft-held data, sign in at https://account.live.com and choose the Security & privacy tab at the top of the page. Now scroll down to the bottom and click the Manage permissions link below Apps & services. You can click on each app to see what it has been given access to and click on the Remove these permissions link for any app that you no longer use or have concerns about.
