We’re all used to seeing “Log in with Facebook” or “Log in with Google” at sites around the Internet — or less frequently, an offer to log in with Twitter, LinkedIn or Pinterest. It’s a common option at news sites like CNN.com and the UK’s Guardian newspaper, music streaming services such as Spotify and tens of thousands of other online retailers, apps and games.
Logging in with a main account whose credentials you easily remember saves you the trouble of going through yet another laborious account creation and memorizing dozens of passwords. It allows you to easily post about something you’ve just read or bought.
But what exactly are you signing up for?
Requesting your data
Logging in to a website using a service such as Facebook or Google allows the website to make a request for data about you. Facebook and LinkedIn have quite a lot of data available for request: your birthday, friends list, email address, employment, colleges attended, photos and information that your friends have posted about you (for example, tagged photos). Other services like Twitter don’t possess the same level of personal data about its users and aren’t able to turn over as much information.
The exact data that the website is requesting pops up in a window asking for permission. Saying yes to that request adds one more tiny bridge between the virtual islands of your online self.
This seemingly small agreement can carry larger repercussions. Linking two or more sites allows companies to collect more data, building an increasingly rounded profile about you. Allowing one account to have access to others means that if the least secure account is hacked, the rest could also be compromised.
Facebook and Google are by far the two most frequently used services for logging in to other sites. Facebook snared 62% of all social log-ins across the tens of thousands of sites that support it (as of the end of 2015); Google is used 24% of the time according to Gigya, a customer identity management company.
Social networks want to be a trusted source for verifying your identify. In fact, at the Facebook developers conference this year, the company announced a service called Delegated Account Recovery, which would let you use Facebook to verify your identity if you forget your password on an app or website.
Yet social networks don’t inherently have value as a trusted source of identity. Privacy is not the main concern of a social network; like any for-profit company, its focus is on monetizing its product.
We are the product. Take Facebook; according the eMarketer, Facebook is expected to generate $16.33 billion in net digital ad revenue in the U.S. market this year and Google is expected to generate $5.24 billion in display ads in the U.S.
What happens to your data
The data held by social platforms and service providers like Google covers your habits and preferences. Facebook Like buttons littered throughout the Internet bounce back data about products or articles you’ve liked, while the Facebook Open Graph platform for other sites comes with plug-ins that collect data such as which of your friends already use a particular website or what you do while on the site.
In response to privacy concerns, Facebook does allow you to log in to third-party apps without having to give permission to share personal details like your name, email, birthday and so forth. Make sure you sever the connection for apps you’re not longer using. You can do that by going to Facebook Settings (click on the down arrow next to the question mark in the upper right) and select Apps. On that page you can click on any app and see the information the app has access to and can change those access privileges.
Stokes, Natasha. “Should You Use Faceook or Google to Log In to Other Sites?” Techlicious May 2017