The Worst Social Media Apps For User Privacy

Social media internet takeover

Social media has undergone a remarkable evolution over the years, transforming the way we communicate, connect, and share information.

What began as a form of simple social networking with early platforms like Friendster and MySpace, has become an integral part of our daily lives. Its impact has extended far beyond personal connections, with businesses, governments, and organizations leveraging social media for marketing, information dissemination, and even political campaigns.

Its rapid evolution has also brought to the forefront numerous privacy concerns, as user data is often harvested, leading to increased scrutiny of these platforms and their practices.

If you're in any way worried about your online privacy and the amount of data your use of social media platforms exposes, then read on. We take a look at some of the worst offenders in regard to social media privacy issues. We'll look at what type of data they collect, how it is shared, and how secure it is so you can make an informed decision about which platforms you choose to use.

Facebook

We're not surprised to see Meta's flagship app on the list of worst social media apps for user privacy! Facebook is notorious for being lousy with user data. The app collects a huge amount of information about its users (and non-users!).

When users download the Facebook app, they have to consent to giving Facebook permission to access:

• Contacts lists
• Call logs
• Text messages
• Camera and microphone
• Internal storage
• Wi-Fi
• Location
• Calendar

According to Facebook, they “use these permissions to run features in the app.”

Facebook also allows third-party apps to access your data when you use your Facebook credentials to log in or when you grant them permission. This can lead to your personal information being shared with external services without your direct consent.

With so many users worldwide, the Meta-owned app is an alluring target for hackers. In 2019, Facebook experienced a data breach that exposed the data of over 530 million users.

The data leaked on a hacking forum included phone numbers, full names, locations, email addresses, and other details from user profiles. Info, that Meta decided wasn't worth telling affected users about...

Check out our article on How To Guard Your Private Information and Delete Unwanted Content from Facebook. You'll find out how to delete your Facebook account should you wish to.

Messenger

Messenger collects pretty much all the same info as Facebook but with one major difference— it has access to your private messages.

The social media app doesn't use end-to-end encryption as default. It is available as an elected option but since most users assume their private conversations are just that, they don't seek out the settings to make the change.

Messenger had claimed they were testing rolling out end-to-end encryption as default last year.

The decision was in reaction to the backlash Messenger received for handing over private messages to law enforcement in an abortion case.

But at the time of writing (October 2023), the onus is still on the app user. Unless you specifically choose, your private messages on Messenger are anything but private.

Before you start a new conversation, make sure you select end-to-end encryption from the chat settings. Or, switch to a fully encrypted chat app that has end-to-end encryption as default.

Instagram

Instagram was bought over by Zuckerberg in 2012 and as a Meta entity, it has pretty much the exact same data-collecting and sharing practices as Facebook and Messenger. But, perhaps even a little bit worse...

A report by cyber business pCloud found that Instagram hit the top of the charts when it came to sharing user data with third parties. With 62% of user data shared with third parties for use in targeted advertising.

If you want to continue using Instagram, be careful about the third-party apps that you download to work with Instagram (such as filters, etc). Their privacy policies can be widely different and you'll want to be sure you're not giving away even more data.

Use the privacy settings to make your Instagram experience a little more private. You can turn off your Activity Status, so others can't see when you are online, disable tagging, or set your account to private. This way, only friends and connections can view what you post.

Threads

Oh, look at that! Another Meta-owned app. Threads, the newest Meta product, is a text-based social media platform connected to Instagram. Again, expect to give up all your data! In fact, a recent report has found that Threads collects 50% more personal data than Twitter.

User can expect to give up their browsing and search history, geolocation, financial info, and device details, which all sounds very Meta-esque.

But then it gets worse.

Under "sensitive data", you could be sharing your employment details, pregnancy status, various health data, race, ethnicity, sexual orientation, and religious beliefs.

The huge majority of this data is not necessary for the app's basic functions, raising major concerns from privacy experts.

The other concern is that users can't delete their Threads account without also deleting their Instagram account. This could end up trapping users into staying with the social media app (and continuing to share their data) even if they no longer wish to use the app.

Threads works very much like Instagram since it's built atop it, so the privacy settings are similar. You can set your Threads account to private to limit who sees your activity. But there is very little you can do about all the metadata the company collects.

TikTok

It's not all Meta-bashing around here. The hugely popular short-form video platform, TikTok also makes the list of the worst social media platforms for user privacy.

TikTok collects a lot of data, including profile information such as your date of birth, username, email address and/or telephone number, and password. They also collect user content, so anything you create or publish on TikTok, and if you sync your contacts, then they will collect information from your device's phone book.

TikTok also has access to your camera, microphones, and location, and collects data about your behavior on TikTok, including your direct messages— metadata and message content.

TikTok also collects loads of device information, such as the model and operating system, IP address, and system language. But quite disturbingly, it also collects keystroke patterns.

There's not a lot you can do about this type of data harvesting. If it bothers you, you can choose to delete your TikTok account.

To be fair, TikTok's data-collecting practices aren't that much creepier than any of the other social media apps on our list, yet it has been reported to pose a national security risk.

ByteDance, the company that owns the social media platform, is Chinese-owned which has caused fears that the Chinese government could access American user data. It's a possibility, but then the Chinese government could just as easily get such information from data brokers.

Another good reason to limit your digital footprint!

LinkedIn

Although LinkedIn does give its users quite a lot of control over their data, how it is used, and how visible their activity is, it still makes the list as one of the worst social media platforms for privacy.

Why?

Due to its being a professional's social media platform, LinkedIn is a 'target rich' environment for threat actors.

Users are encouraged to share their real names, job positions, resume, and current company on their profile, which can make them a target for a wide variety of phishing scams.

It also attracts data aggregators who "scrape" user data from their LinkedIn profiles and then use it for other purposes that the users have not agreed to.

Data scraping is also a tactic that is used by bad actors who sell the information on the dark web or on hacker forums.

Which is exactly what happened in 2021 when an archive of data of over 500 million LinkedIn profiles appeared for sale on a popular hacker forum. The verified data included full names, email addresses, phone numbers, workplace information, and more. It's the type of information that can lead to further phishing attacks or even identity theft.

We've already written in length about having an account on LinkedIn, the risks involved, and how to safely delete your LinkedIn account.

Be social or be private

If safeguarding your online privacy is a concern, it's crucial to be aware of the data that you willingly or unknowingly expose on these platforms. Making informed decisions about which social media platforms you choose to use and understanding how to secure your data is paramount in this evolving digital landscape. Staying informed will help you prioritize your privacy as you navigate the world of social media.

To help you out with that, read: 6 Things You Should Never Share on Social Media