Misleading Users and Empty Threats

Much has been made about the new cross-app tracking in iOS 14.5.

I mentioned it briefly in last month’s tech roundup, and I also linked to Apple’s “A Day in the Life of Your Data” presentation back in January. The presentation gives a broad overview of some of the data collection mechanisms these companies have, that can digest and organize an incredible amount of information about a person without their knowledge (or consent).

Since Apple has finally released this feature into the wild with 14.5’s release last month, it’s worth looking at Facebook’s reaction – and why users do need a choice in deciding how an app shares their data.

Facebook’s (Empty) Threat

Since the sharing of data between apps undermine’s Facebook’s ad-centric business model, users on iOS 14.5 will see a new page upon opening either Facebook or Instagram:

From Facebook’s related blog post, they mention that they are providing this additional screen to “provide more information about how we use personalized ads, which…keep apps free”.

While I’m sure some people will just read right past this, it’s worth pointing out that Facebook (and Instagram + Whatsapp) made $9.5 billion during the first three months of 2021. Both Facebook and Instagram are built on the business model of selling highly-targeted ads to their users. Facebook/Instagram has never had a business model that is based on users subscribing or paying for their apps or features. More importantly, doing this would decimate their (substantial) ad revenue.

This “informational” screen is just another case of Facebook trying to actively manipulate users by providing misleading information.

What Facebook Targeting Looks Like

As if to further reinforce how much users should be wary of allowing Facebook access to cross-app tracking, a company recently bought ads that show how much targeting and tracking goes on between Facebook and Instagram.

Signal is an open-source, end-to-end encrypted messaging app (probably one of the best ones out there). Certainly better than WhatsApp (another Facebook-owned company that gave users an ultimatum requiring them to share data with Facebook back in January).

Signal bought Instagram ads which show some of the highly-targeted data that Facebook/Instagram/WhatsApp know about you. While some of the information is pretty easily available (IP address location tracking, for example), some of it seems very highly targeted.

Here’s one example from Signal’s blog post about the ads:

Interestingly, showing this kind of information about users to the users themselves violated some part of Facebook ads terms of service, and Signal got their ad account banned for this:

You can find more examples on Signal’s blog post. Some of the attributes that Facebook is able to target are definitely quite distinct.

Two Issues Become One

In the end, these two issues are two ends of the same problem:

Facebook needs to collect data on you – lots of data. But Facebook also knows that the amount of information they collect and aggregate would look creepy to most people. So they go out of their way to hide the extent of the data they’ve collected.

This kind of inequitable relationship does not seem like it will end well for the users that are exploited without their informed consent. And Facebook seems intent on grossly distorting the facts on both ends of this information funnel.