Disconnect Your Facebook Apps to Protect Your Personal Data

Facebook Apps May Treat Your Personal Information Like a Commodity

Remove Facebook App Connections to Protect Your Personal Data

We are still reeling from the fallout of the Cambridge Analytica scandal.  Cambridge Analytica purchased data from Facebook App Developers, and then they used it to try to influence us politically.  If you are interested in reading more about the hows and the whys of this breech, please see our previous post, The Facebook Kerfuffle and What it Means For You, as well as all of our previous articles on privacy and protecting your data.  Your data was compromised because you trusted the wrong apps with it.

Now you are aware of why the data miners are creating all of these apps, it is time to disconnect them so that they will no longer have access to your personal information or the contents of your Facebook Profile.  Removing apps used to be quite a tedious process, so many of us just ignored it or put it off, until our Facebook Account was cloned, a rogue app started posting on our behalf, or friends started complaining of receiving messages we never sent.  Thankfully, in response to this catastrophe, Facebook has streamlined the process of app removal, making it much easier. They have also made it easier to see just what kinds of permissions the apps request, as well as to selectively remove permissions. Today, we're going to look at how to do this.  We'll guide you through finding your connected apps, purging those you no longer use or recognize, and examining the permissions the remaining apps require.

A Word of Caution

You may think in light of recent revelations, you need to disconnect EVERY Facebook app. However, some apps legitimately need a Facebook connection.  If you use Facebook login on any site, you will need to keep that app connected, or you will lose the profile associated with that account.  If you use Social Media Management tools, such as Tweetdeck, Hootsuite, Rafflecopter, Buffer, etc., those apps need to remain connected in order to read posts and to schedule posts on your behalf. If you frequent a site that uses Facebook Comments, again, you'll need to maintain that connection in order to post comments and receive notifications about responses.  If you want to be able to share an article from a news site using Facebook Share buttons, that app needs to be connected to your Facebook, and it needs permission to post on your behalf.  If this rankles your bones at all, do NOT use a social share button, and simply share the old-fashioned way: by cutting and pasting a URL into a Facebook Comment.  That being said, you can always disconnect something now and reconnect it at a later date.  

For example, I am a Pop Culture Addict, and I frequent several pop culture oriented websites, including TVGuide.com and Buzzfeed.  Both of these sites use the Facebook Commenting Plug-in.  Because of this, I am NOT going to disconnect these apps from Facebook.  However, I saw Vulture, another pop culture oriented site, in my App  List.  I rarely use Vulture, and I vaguely remember using a social share button a while back on that site. I am going to disconnect Vulture, figuring I can always reconnect it if I want to share an article in the future.

Also, Facebook lists EVERY site you've connected under the "Apps" section. Entries in this list include many websites, as well as apps embedded into Facebook pages or posts.  So if you have a Harmony Hub, and you logged in with Facebook during set-up, BOTH Logitech Harmony and Logi will be listed in your Facebook App List. If you disconnect either app, your Harmony will  no longer function correctly, regardless of the install status of the actual Harmony App.  So if a website or web service requires you to be logged in, and you initially logged in with Facebook, you should NOT disconnect the associated Facebook App.  Doing so may delete your account and/or any personalized settings.

How to Access Your Facebook App List

To access your Facebook App List, go to the Settings Section of Facebook.  On Desktop, click on the down arrow next to the Question Mark in the upper right corner to drop down a menu, then select "Settings."  

Once on the Settings page, select "Apps" from the left navigation menu.

This will take you to the Apps Page. You will see a section at the top titled "Logged in with Facebook." This is your Facebook App List.

Each App has its icon to the left, the name of the app or website, a pencil icon, and then a checkbox at the far right.  Above the App List, to the right of the Section Title,  is a "Remove" button.  Depending on how many apps you've connected, you may need to click the "Show All" link to see the complete list.

This process is much easier to complete via the Facebook Website than it is through the Mobile App. However, the process is very similar on mobile, and can be done.

On Mobile, open the app, tap the "Hamburger Menu," scroll all the way down to "Settings & Privacy," then tap "Account Settings." (Do NOT tap "App Settings.")  Then tap on "Apps," near the bottom of this screen.  Next, tap on "Logged in with Facebook."  This will open your Facebook App List.  On mobile, the checkboxes are to the left of the app icon, and the remove button is at the top right of the screen. The remove button will be "grayed out" until you have at least one checkbox checked.

If you are doing this via the mobile app, I really suggest you complete it one screen at a time.  Fat fingers make it super easy to check or uncheck something by mistake, and it is a lot harder to scroll up and down to double check what is and is not selected.  

How to Disconnect a Facebook App

As of today, you no longer need to revoke access from the individual "Permissions" screen.  Facebook has added these checkboxes to make bulk-revoking a LOT easier. Simply check the checkbox to the right of the app's name, then click on the "Remove" button at the top.  (On mobile, the checkbox is located to the left of the app name.)

After you press "Remove," Facebook will pop-up a confirmation box.

This confirmation screen will have a section asking you if you want to delete content the app posted on your behalf.  Check the box to remove those posts.  Be aware that should you choose to delete everything, all of those articles and quiz results you shared to your Timeline will disappear.  So in other words, use this power judiciously.

If you have a lot of apps you are disconnecting, the request will take a while to process, and it may appear to lock up your browser.  Give the removal a few minutes to complete. When it is finished, you will receive a confirmation.  When you close that, you will be brought back to your Facebook App List, where you may continue culling connected apps.

You may have quite a few more apps connected than you ever realized.  As you can see from the graphic, I personally disconnected 722 apps my first go-through.  I do NOT recommend you delete that many in one fell swoop, unless you have a pretty powerful computer. To avoid crashing your browser or the Facebook App, it's best to revoke permission in batches.  I recommend disconnecting apps one screen at a time on Mobile.  On Desktop, most browsers should be able to handle deleting in batches of 100 or so.  If you do crash your app or your browser, you will need to start this whole process from scratch.

"Generic Icons"

You may notice a slew of apps with what I call "generic icons."  ALL of the apps with these generic icons are safe to disconnect.  Those icons mean an app is no longer active, or that the company has moved to a newer version.  You most definitely should disconnect EVERY app with a generic icon during this purge.

E-Mail Confirmations

You may hear from certain services after you've revoked their Facebook Permissions. For example, Kickstarter e-mailed me to let me know I'd now have to add a password to my profile if I want to keep using their site.  I received several e-mails and "surveys" in response to revoking permissions.  Since I was careful, I was able to ignore all of these "warnings."    If you want to continue using the associated website, however, you should either go ahead and create a log-in without using Facebook, or reconnect Facebook the next time you want to log into that site.

How to View an App's Permissions

Facebook has also made it A LOT easier to view what permissions an app has requested.  Additionally, you may now selectively revoke permissions without completely disconnecting an app.

To view and/or revoke permissions, click on the pencil icon to the right of the app's name.   This will bring up a "Permissions" Screen.

Each app will list the permissions requested. There will be a checkbox to the right of the permission description. To revoke a permission, uncheck the box and click "Save."  

If you are logging into a site using Facebook, they probably do need your e-mail address. However, they may not need your Friends List or Photos.  If you are using a social share button or you are using a Facebook Commenting Plugin, the app WILL need permission to post as you.  (The site will NOT be able to post that article link to your timeline or share your comment to Facebook without posting permission.)

Be sure to scroll all the way down the list of permissions. The more nefarious ones are farther down the screen.  Also, at the bottom of the screen, to the left of the save button, you will find links to "App Terms" and "App Privacy Policy."  "App Terms" links to the terms of service of that particular app. And as we've discussed in the past, they often clearly tell you they are going to share and sell your data. Privacy Policies also must tell you how they plan on using your data.  Now is a good time to review these policies so you can decide if "logging in with Facebook" is worth the cost.

On Mobile, tap the "View >" link to the right of the app's name to bring up the "Permissions Screen." The links to the Privacy Policy and App Terms are at the very bottom of this screen.  Likewise, uncheck a bubble to revoke a particular app permission.  

After you've purged all the apps you no longer use or recognize, it's time to do your Permissions Audit.  Go through each of the apps you've left connected, and selectively revoke permissions, as described above.  Once you've done this, that app or website can no longer mine that type of data from your profile.  

Certain permissions may be required by the app's Terms of Service.  The permissions screen tells you what particular permissions an app requires in order to use it.  If you do not like what permissions are required, it's time to disconnect the app completely.  

Summary

In response to all of the bad publicity, Facebook has made it a LOT easier to revoke App Permissions and to disconnect apps altogether.   Something that used to be a very tedious chore is now a LOT easier. And because it is so easy, it's something EVERY Facebook User needs to do on a semi-regular basis. No longer do you need to scroll through a long list, open an app info screen, and revoke access one at a time.  Now, Facebook has added checkboxes to your Facebook App Listing Page, in order to make bulk deleting a breeze.   Facebook had also improved the individual app information screens, adding links to Privacy Policies and App Terms of Service so you can easily see just what type of data an app wants to mine.  You can also reject individual permissions categories from the App Info Screen.  No longer are app permissions an "all or nothing" kind of affair.  So now you can maintain an app's connection, but revoke individual privileges, something that is a boon to protecting your personal data.

The Cambridge Analytica scandal exposed "the price" of using many Facebook apps. Many apps and services that claim to be "free" are really in the business of data mining, and their terms of service make that clear.  Yes, many so-called free services require us to pay with our personal information these days, something that has become a valuable commodity to marketers, as well as scammers and identity thieves.  Thousands of people are deleting Facebook as a result. But like readers of this blog know, Facebook is not the worst when it comes to Data Mining; the real abusers are the sham quiz hosts, viral video and meme sharing apps, and other "too good to be true" type posts that only exist to cheat us out of our precious data.  We need to watch the apps much more closely than we need to watch Facebook. Facebook is just the means these bad guys use to trick you into freely sharing way too much.

I am obviously guilty of not taking the time to cull my apps. I disconnected over 700 apps today.  I had about 400 dead sweepstakes apps that remained connected, and sweepstakes apps are known for mining data.  I had at least 50 "generic app icons" on my own page. Shame on me for allowing that connection to persist, long after it was needed.  

Most of us have connected way more apps and sites over the years than we ever realized, with connections numbering in the hundreds.  It has always been a hassle to review these connections, so we tend to connect and forget, allowing the miners to keep reaping data for years after we've stopped using their services.    Then we're horrified to learn that quiz we took a decade ago has been tracking us ever since.  And we want to blame it on Facebook, despite the fact we gave that app permission to do what it did.  As users, we must become more responsible for protecting our own data, and not handing it over so freely.

Have you checked your Facebook Apps List lately? How many apps did you have connected?  How many of these needed to be removed? Can anyone beat my "first culling count" of 722 apps?  Did any app permissions really surprise you? Hit us up in the comments and let us know. And as always, thanks for reading.