University of Iowa researchers led a study that investigated the misuse of user data by third-party apps on the social-media platform Facebook.

In the study, led by Shehroze Farooqi, a graduate student in the Department of Computer Science, the researchers used a tool called CanaryTrap to detect misuse of user data shared with third-party apps. They monitored 1,024 third-party apps on Facebook and found that more than 1% of third-party apps are potentially misusing user data. 

The research team, which includes Zubair Shafiq, assistant professor in computer science, and Maaz Musa, graduate student in computer science, also launched a disclosure page that has more details on the third-party apps that are responsible for the potential misuse of user data.

“Prior experience of our group in studying abuse of third-party apps on online social networks keeps us motivated to investigate potential risks posed by third-party apps to users,” Farooqi told the technology news site VentureBeat. “In the past few years, we came across several high-profile incidents of data misuse by third-party apps. This motivated us to develop a methodology that can detect misuse of user data shared with third-party apps.”

The study has been peer-reviewed and has been published as a preprint. Farooqi presented the findings this week at the 20th Privacy Enhancing Technologies Symposium.