Security audits are an annoying but necessary part of online life. Hacks big and small have compromised the data of countless internet users, so it’s up to you to make sure social networks and apps aren’t scraping more data than they should.
Facebook’s latest data scandal isn’t a hack in the traditional sense. User data was gathered in 2014 by a man posing as a researcher, which was allowed at the time under Facebook’s rules. But that man then gave that data—and information on people’s friends—to analytics firm Cambridge Analytica. That ran afoul of Facebook’s rules, and Facebook ordered Cambridge to destroy the data. Cambridge says the data has been deleted, whistleblowers say it still exists, and round and round we go. (Here’s how to see if Cambridge has your data.)
Facebook is shocked (shocked!) that this all happened. But major tech companies make a lot of money off your info, either by mining it to sell you stuff or by selling it outright to others.
Facebook allows you to put some rather robust account restrictions in place. But its tools can be hard to find and decipher. Implementing some of them may limit what you can do with Facebook, but short of deleting your Facebook account, it should provide you with some peace of mind.