In December, Privacy International and German mobile security company Mobilsicher both published reports that many popular apps were automatically sharing user data with Facebook, even if those users don't have Facebook accounts or were logged out of the Facebook platform. Mobilsicher examined the iOS version of many of the apps Privacy International also tested.
The London charity said Tuesday that Yelp, Duolingo, Indeed, the King James Bible app, and two Muslim prayer apps, Qibla Connect and Muslim Pro, were still sharing user data without consent. Spotify, Skyscanner and Kayak updated their apps so that they don't connect with the social media site when opened, according to Privacy International's report.
Privacy International said it brought the issue up with the European Data Protection Board and the European Data Protection Supervisor. Additionally, the group reached out to each app. Privacy International said Duolingo promised it would remove the Facebook Software Developer Kit "app events" feature from its Android and iOS app in the next update.
"Duolingo thanks Privacy International for their important work raising awareness of this issue," a Duolingo spokesperson said in an email. "As part of our ongoing commitment to privacy, we are removing the Facebook SDK App Events component from both the Android and iOS apps in the next version releases."
Yelp denied Privacy International's allegations that its Android app sends personal data to Facebook.
Facebook's policies say it can gather information from third-party apps that use its SDKs and APIs. The SDK integrates with apps to provide features like analytics or letting users log in with Facebook.
The rest of the apps in question didn't immediately respond to requests for comment. Facebook also didn't immediately respond to a request for comment.