Facebook Is Still Secretly Tracking Your iPhone Or Android But Here’s How To Stop It

Apple's iOS 14.5 was supposed to let users take back control over their data, or so the narrative goes, by preventing apps from tracking their every move. Apple has been banging that privacy drum for a long time now, and customers have taken the company at its word. In fact, you've likely already read our report that a full 95% of users have opted out of allowing Facebook's app to track their data since iOS 14.5 privacy changes launched a few short weeks ago. However, what's to stop Facebook from continuing to track you once the data winds up on their servers? Not much, as it turns out, but there are options for turning the screws down a bit more. 

Do You Really Need Geotagging On For Sharing Pictures?

There are some pretty crazy loopholes the Facebook app uses to figure out where you are. Users unknowingly share their location with all kinds of services by accident every day. For instance, photos with geotags announce to the world where the photo was taken, and a timestamp will say when. Sharing access to photos effectively grants Facebook or any other service full reign to location history any time the camera is on. Fortunately, on both iOS and Android, geolocation is an optional feature that can be turned off easily enough. iOS 14.5 also allows users to select specific photos that apps can see. They don't have to be able to read everything on the camera roll, just the photos you select. This may allow an app to see some location history if there are geotags, but it's not all camera history. 


Don't forget that even when we don't share our data directly with Facebook, the company has other ways of getting it. If your friends check you into a location, Facebook takes it as direct confirmation of where you are and what you're doing. Businesses who are Facebook's customers are also sharing data back with the company, too. Facebook's own advertising policy points out that any time you give an email address or phone number to a physical business, it could be added to a customer list, which is then shared back with the mothership. 

Your IP And Location Are Constantly Being Shared To Facebook

Just the act of using Facebook requires sharing at least a little bit of data with the company. If you're a Facebook user, accessing the service requires an internet connection with an IP address. While IP location isn't an exact science, that alone might be enough to get a rough estimate of where you are. Even popular services like What Is My IP? can approximate location. Unless you're going to access Facebook through a VPN or give up the service altogether, it's probably time to make peace with the idea that Facebook is going to track at least some location data and try to learn more about you through the photos you share.


The fact is that we just share that little bit of location data with everyone, apparently. For instance, apps can get a current location in the most annoying ways. For exampl, images embedded in HTML contained in emails. If your mail app loads images by default, just the act of retrieving images shares an IP address. Every time Facebook (or Twitter, Amazon, etc.) sends an email with an image tag in the body, downloading that image shares a rough approximation of your location.

You Don't Have To Load Unsecure Images In Emails

This is an option in the iOS Settings app. In the Mail settings, just turn off the Load Remote Images option. Unfortunately, it's a little more hidden in the Android GMail app. Inside GMail, go to Settings and then select an account. Buried at the bottom are two related settings: Images and Dynamic Email. Select Images to get a pair of radio buttons. Turning off remote images also disabled Dynamic Email, which includes displaying Google AMP content inside emails. Unfortunately, since this is an account-level setting, it has to be set on each account if multiple sync with the device. 


We live in a new world of privacy advocacy because corporations are pitting themselves against one another. It's not just Apple vs. Facebook, either. IT's also Signal vs. Facebook, or Google vs. Apple, or so many other conflicts. It seems that Android platform owner Google has been hesitant to do too much privacy advocacy in its OS upgrades at least in part because of its own data mining and monetization strategies. 

Lest we forget, the Electronic Frontier Foundation has been fighting the privacy battle for far longer than Apple. The EFF has taken its own potshots at Facebook in the past, calling the social network's complaints laughable. It also wanted to remind everyone that that advertising money on spent Facebook goes into Facebook's pockets, and not the makers of content you go to see. That sounds very similar to another online content service, YouTube, where creators have to wade through a copyright minefield to get a miniscule share of the revenues coming in. 

Online businesses have to re-think their revenue models and look for other ways to mine monetizable data from their users, just as we've outlined above. There are certain compromises that have to be made with any online service. The key question to ask is whether you trust that entity whose service you're using with your own personal data.