Healthcare Information Security

Mobile News

New York Governor to Investigate Facebook Health Data Practices

A WSJ report that found several apps share sensitive data with the social media platform -- often without user consent; the NY Governor calls it “an outrageous abuse of privacy.”

mobile app social media health data privacy and security

By Jessica Davis

- New York Governor Andrew Cuomo ordered an investigation into Facebook’s health data and sensitive data practices on Friday, following a Wall Street Journal report that found the social media platform might be accessing more data from smartphone users than previously thought – and without user consent.

The WSJ report found 11 apps with millions of users share data with Facebook, with little to no disclosure to its users. These apps were found from just a sample of 70 of the most popular apps on Apple and Google’s app stores.

For example, Instant Heart Rate: HR monitor would send heart rates of its users to Facebook immediately after it was recorded.

Further, the report found that Facebook collects the data from many apps – even if the user has no Facebook connection and often without specific disclosure alerts to the user.

According to Cuomo, the New York Departments of State and Financial Services will look into claims that Facebook receives sensitive user data from several popular apps, like blood pressure readings, which violates Facebook’s own practices.

The practice is an “outrageous abuse of privacy” that “represents an invasion of privacy and breach of consumer trust,” Cuomo said in a statement. “According to the report, a wide range of apps are sending highly personal data to the social media giant apparently without users' consent and even when users are not logged in through Facebook.”

In addition to the state probe, Cuomo called for federal regulators to “help put an end to this practice and protect the rights of consumers.”

In a statement to Reuters, Facebook said it would cooperate with New York’s investigation and argued that the WSJ report focused on how other apps use the data of individuals to create ads. Further, Facebook said it would tell the apps flagged by the WSJ report that they should stop sending sensitive data and may take action if they don’t comply.

“We require the other app developers to be clear with their users about the information they are sharing with us, and we prohibit app developers from sending us sensitive data,” Facebook officials said in a statement. “We also take steps to detect and remove data that should not be shared with us.”

It’s been a rough year for Facebook, since the Cambridge Analytica scandal came to light in early 2018. A report revealed the British consulting firm harvested data from millions of Facebook users for political purposes, without consent. Several Congressional hearings have followed, along with fines and some countries placing restrictions on Facebook’s data gathering.

Just last week, a health privacy group released a complaint they sent to the Federal Trade Commission in December, blasting Facebook for misleading users about the privacy policies of its closed health groups. In response, US lawmakers gave CEO Mark Zuckerberg until March 1 to provide answers as “the complaint raises a number of concerns about Facebook’s privacy policies and practices.”


SIGN UP and gain free access to articles, white papers, webcasts and exclusive interviews on

HIPAA Compliance
Data Breaches

Our privacy policy

no, thanks

Continue to site...