Security Experts:

Connect with us

Hi, what are you looking for?



U.S. Senators Seek Answers on Facebook’s Handling of User Information

United States Senators Chris Coons (D-Del.) and Josh Hawley (R-Mo.) have asked Facebook to provide an explanation on its collection and handling of user location information. 

United States Senators Chris Coons (D-Del.) and Josh Hawley (R-Mo.) have asked Facebook to provide an explanation on its collection and handling of user location information. 

In a letter to Facebook this week, the Sentators voiced concerns that the social media giant has misled users regarding collection of location data and on the amount of control users have over their privacy settings.

In their letter, the Senators note that location data is highly sensitive information, and that smartphones today can even reveal information such as the floor of a building a device is located. 

After iOS and Android updates provided users with increased control over how and when they share location information with their apps, Facebook published a blog post to describe privacy settings users can select to determine when location is shared with the social platform. 

“We appreciate Facebook’s attempt to proactively inform users about their privacy options. However, we are concerned that Facebook may not in fact be offering users the level of control that the company suggests these settings provide,” the letter, which calls Facebook CEO Mark Zuckerberg to provide response by December 12, 2019, reads. 

In the blog post, Facebook explains that users can select to share location at all times, when using the app, not at all, or, if using iOS, only once. However, it also notes that it might still be able to understand a user’s location based on check-ins, information on Internet connection, and other things. 

This, the Senators argue, raises concerns that users’ actual control of their location data is undermined. 

“If a user has decided to limit Facebook’s access to his or her location, Facebook should respect these privacy choices. The language in the blog post, however, indicates that Facebook may continue to collect location data despite user preferences, even if the user is not engaging with the app, and Facebook is simply deducing the user’s location from information about his or her internet connection,” the letter (PDF) reads. 

With most mobile devices virtually always connected to the Internet, Facebook may be able to constantly collect user data, regardless of their preferences, the Senators say. 

“Users who have selected a restrictive Location Services option could reasonably be under the misimpression that their selection limits all of Facebook’s efforts to extract location information,” they argue. 

Thus, the Senators ask Facebook so reveal whether it collects location information even if the user has turned off or limited Location Services for Facebook – and why it does so, if applicable.

The letter also demands information on whether Facebook collects information on a user’s location based solely on their Internet connection solely and how frequently it collects such information when the user has turned off or limited Location Services. 

“What is the difference between the “precise” location information collected when a user has Location Services enabled and the location information collected by Facebook using other data, such as the user’s internet connection, when a user has turned off or limited Location Services?  How detailed is the location data that Facebook collects when a user has turned off or limited Location Services?” the Senators also ask. 

Additionally, the Senators want to know whether Facebook monetizes the location information collected when a user has turned off or limited Location Services, whether a user can configure their privacy settings so that Facebook never monetizes that location information, and whether the social platform shares this location information with third parties. 

Related: Twitter Collected and Shared iOS Location Data

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Expert Insights

Related Content


The EU's digital policy chief warned TikTok’s boss that the social media app must fall in line with tough new rules for online platforms...


Meta was fined an additional $5.9 million for violating EU data protection regulations with WhatsApp messaging app.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...

Mobile & Wireless

As smartphone manufacturers are improving the ear speakers in their devices, it can become easier for malicious actors to leverage a particular side-channel for...

Application Security

Microsoft’s security patching machine hummed into overdrive Tuesday with the release of fixes for at least 97 documented software vulnerabilities, including a zero-day that’s...

Cloud Security

AWS has announced that server-side encryption (SSE-S3) is now enabled by default for all Simple Storage Service (S3) buckets.


Employees of Chinese tech giant ByteDance improperly accessed data from social media platform TikTok to track journalists in a bid to identify the source...