Making sense of connected apps and browser extensions using PlusPrivacy

A central feature of PlusPrivacy is a single Privacy Dashboard from which you can manage your privacy in social networks, browser extensions, connected apps, email identities  and ad blocking/tracking prevention. In this article we will highlight the highly useful PlusPrivacy feature of managing access to your data by browser extensions and by apps connected to your social network accounts.

PlusPrivacy is an open source service for managing personal privacy online. The service is funded by the European Union and is intended for public good. PlusPrivacy is fully operational, with some new features under development.

What exactly are “connected apps” and why should you be concerned?

Let us say that you played a free game on Facebook, or could not resist a time-saving temptation to log into a website with your Twitter account instead of email+password, or tried out a non-Google mobile app to manage your Google calendar or tasks, or referenced your LinkedIn account in your Angel List account, or tried out a cool mobile app that stores data in your Dropbox account.

There is one thing in common for all of the above actions – you have given the game/mobile app/web app access to your social network data or cloud storage. In rare cases the app will only require limited permissions to access or manipulate your data. More often, the access and permissions will be unlimited – whatever you can do with your data, the app can do as well – such as tweet on your behalf.

But wait, it gets worse. Let us say you tried a mobile calendar app and decided not to use it. You uninstall the app and forget about it. However, the app’s network-based server still has access to your Google data!

What about browser add-ons/extensions?

Every time you install a FireFox add-on or Google Chrome extension, it gets permissions to access and manipulate your data in or from within your browser – and it may well be communicating this data to its backend server. You can of course uninstall the extension – but many people will just install and forget about it. Unless you are technical enough, you will not even be able to find out what are the permissions given to the extension.

How relevant is this for you personally?

Hard to tell. Finding this out manually can be difficult and time-consuming. You can of course log into each of your social network/cloud storage accounts, dig and find the relevant settings (usually called something like “connected apps”) and manually disable access and permissions given to the unwanted app. Then you can dig into the add-on settings of your browser and find out which extensions you have installed (finding out their specific permissions can, as we said above, be a tall order) and disable or uninstall the ones you no longer need or want.

However, if you are like most of us – busy and not completely paranoid – you will never do it. You may well have tens of apps that you have long forgotten ever using, currently having access to your social network and cloud storage data. And you have absolutely no idea what they are doing with your data.

Enter PlusPrivacy

One of the coolest features of PlusPrivacy dashboard is automated discovery of  apps connected to your Facebook, Twitter, Google, LinkedIn and Dropbox accounts, as well as extensions installed in your Chrome browser, and a single click termination of access (or un-installation) of those of them that you no longer want to access your data. In most cases PlusPrivacy will also tell you what are the exact permissions given to a connected app. All this will be presented to you in a table with a disable/uninstall button next to each app – giving you the ability to take a single-click action. Even if you have tens of unwanted apps connected to your social network accounts, you will be done in 2 minutes!

How does it work?

You need to be logged into the relevant social network accounts in your browser. PlusPrivacy Chrome extension/FireFox add-on will access the privacy settings of the accounts on your behalf, extract the info about the apps, present it to you, and carry out your disable/uninstall decisions. You will not need to dig into privacy settings of each social network yourself.

Here is a practical advice: let us say a take-it-or-leave-it web site with content you really want to see has just forced you to log in with your social network account (say, Facebook or Google). Do not worry. Just go to your PlusPrivacy dashboard, select “Extensions & Apps”, select the social network account you have been forced to log in with, find the name of the website, and click the trash bin icon. Voilà, the intrusive site or app is no longer connected to your social network data!

How much data does PlusPrivacy collect and store about you for this action?

None. This is why it needs you to be logged into the relevant social network accounts to perform this function.

 

PlusPrivacy provides many other personal privacy  functions . We will highlight them in upcoming articles.

Want to try PlusPrivacy? It’s free and open source!   Sign up at https://PlusPrivacy.com