Just how are we supposed to know...
which companies/SDK's are "authorized" or not to collect users data?
It's not like Facebook has been very transparent about what data has been shared and with what companies/developers.
And from what I know it requires a Facebook account in order to notify FB of dodgy apps abusing users social media data.
It is because of this abuse that I had deleted all social media accounts long ago.
Myself and other TCL/Alcatel device users were subjected to unwanted "updates" to our system apps where the launcher app, file manager, sound recorder and other system level apps had been modified overnight with an "update" that injected Facebook's Graph API's into these system level apps without warning or our consent.
I only found out about this after my device started serving up fake virus warnings that threatened SIM card damage linking back to some dodgy "Antivirus/Cleaner" app on the Google Play store.
After multiple calls and emails to Google that went nowhere I decided to try and solve this mystery on my own.
I found that the reason Google was unable (or unwilling) to assist in this matter was that the fraudulent virus warnings were originating from the modified system apps on my own device.
It seems that my modified file manager, sound recorder and launcher was now able to inject these fraudulent ads into the Facebook stream that hijacked the built-in browser to mimic warnings from the Google Chrome app.
Getting nowhere with Google I then reached out to Avast that was partnered with the bogus antivirus/cleaner app only to get a liftime ban from their forums.
And now I found that Facebook has recently partnered with the phone manufacturers ANS and Unimax.
These two phone manufacturers are being distributed by a marketing company (Global US) to people below the poverty level through the government Lifeline program that have been installing adware/malware remotely using encrypted DEX fies, some of which are using code found on GitHub to perform surveillance similar to the Facebook app where they scan the users Wifi, NFC and Bluetooth.
So please tell me Mark Z, just how are we supposed to know which companies/Developers are "authorized" to harvest user data and who is not?
And who (as MobiBurn has stated) is just helping to facilitate the slurp?