You’ll never read Facebook’s new data policy, so we did it for you

mark zuckerberg testimony header
Bill Clark/Getty Images

(in)Secure is a weekly column that dives into the rapidly escalating topic of cybersecurity.

With privacy-centric European Union legislation set to take effect soon, and on the heels of the Cambridge Analytica scandal, Facebook recently introduced a new data policy. Just when you had the old one memorized, right? Facebook says it wants to be more transparent about how its Products track almost everyone who uses the internet – even those without a Facebook or Instagram account.

We’ve gone through the policy to help you make sense of what Facebook is trying to communicate.

What kinds of information does Facebook collect?

Facebook is collecting and using your posts, messages, photos, and other information you provide, such as the groups you belong to, the pages you visit, hashtags you use, and so on. Even if you don’t identify your religion, the site may still infer something about your identity or interests if, say, you join a Bible study group. Purchasing items through the site, spending three hours a day browsing photos on Instagram, and being active in a group, will all feed into the picture Facebook has of you.

Facebook isn’t just Facebook. It’s also Instagram, WhatsApp, Oculus, and so on.

Facebook sucks up data on the devices you use, too — probably more than you expect. Not only does it know what kind of phone or PC you have, your operating system, and browser type, it’s analyzing how much battery you have left, and your storage space. It’s also looking at your mouse movements to see what you hover over or blaze past. If you have Facebook open in the background but aren’t using it, it’s clocking that, too.

The Facebook portfolio

Facebook isn’t just Facebook. It’s also Instagram, WhatsApp, Oculus, and so on. The way you use these sites affects not only you but your “Friends” as well. When you comment on your sister’s post, that interaction affects the profile Facebook has of both of you. If you sync your contact data with the Messenger app, the company gets the phone numbers and email address digital black book — even if they don’t use Facebook.

Maybe your Facebook privacy settings are on lock down, but you’re looser on Instagram. Well, those interconnected sites are sharing amongst themselves. For example, Facebook analyzes your communications in Messenger, though it claims only for your safety (like to prevent malware). Recently, a user was upset to realize the Messenger app was logging his call history.

It knows where you are

When you gave Facebook access to your camera or photos or GPS, you were probably thinking about how it would make things convenient for you. But it’s not just that one photo it has access to — it has everything in your library.

Game apps, retailers, and all kinds of sites and companies are sharing information about you with Facebook.

The more devices you use to log on to Facebook, the more information it’s going to gather. Ditto for the company’s apps. You might want to consider limiting your Facebook use to a single device. If location privacy is important to you, you could stick to a laptop, but keep in mind that Facebook also knows your IP address and can scrape metadata from photos to get location information. Your “Friend” might tag you when she checks in at the park for your Saturday softball practice.

What about non-Facebook users?

Facebook has denied it creates “shadow profiles” of non-users, but even if you don’t have a Facebook page, you’re not anonymous to the tech giant. Game apps, retailers, and all kinds of sites and companies are sharing information with it. When you click any kind of user agreement, you’re giving away more than you bargained for.

1 of 4