Instagram is slowly rolling out a new feature that will help better protect your personal data from being accessed by your long-discarded, third-party applications — that is, any app you had once authorized to access your Instagram profile over the years. This may include websites you used for printing your Instagram photos, various dating apps or Instagram tools for making collages, finding your top photos and more.
Providing a tool to remove third-party apps’ access to your account is now a fairly commonplace security setting among platform providers. Instagram is late to offer such functionality. Twitter, Facebook and Google have had similar functionality in place for years.
And Instagram isn’t hurrying its launch, either.
The company says its new security features will take a whopping six months to reach all users, as it’s designed to be a gradual rollout. For comparison’s sake, most new features tend to roll out in days or sometimes weeks, but rarely as long as half a year.
The choice to move slowly is worth calling out here — especially given that Instagram’s parent company Facebook’s massive personal data scandal, Cambridge Analytica, arose because users had connected to a third-party app that improperly collected users’ personal data.
Instagram, arguably, has less of a treasure trove of personal information on hand to tap into, compared with Facebook. But there’s still no need to let some app you used once, many years ago, continue to access information like your Instagram username, your photos, all your captions, timestamps of your posts, permalinks and more. And if you maintain a private account with the intention of only sharing your content with close friends and family, this level of access might make you even more uncomfortable.
While Instagram isn’t clear in its public announcement about its reasoning for such a slow rollout, it’s tied to API changes for developers. The company is giving developers time to move from the Instagram Legacy API Platform to the Facebook Graph API.
As the company explains in a developer announcement, the new API will enable “appropriate consumer use-cases, while protecting user privacy and safety” — including giving users the ability to decide what information they share with apps, then revoke access through the Instagram mobile app. The legacy API platform will be deprecated on March 2, 2020.
It would have made sense for Instagram to communicate to users that the gradual rollout is because it’s giving developers time to get their apps ready for these changes. But because it didn’t mention this, the news of the slow rollout comes across as Instagram not believing such a feature is a priority or important to users.
If you have the new security setting, you’ll find it under “Settings” in the Instagram app. It will be under “Security,” then “Apps and Websites.” From this screen, you can tap “Remove” on any apps you don’t want connected to your Instagram account.
Related to this, Instagram says it’s also introducing an updated authorization screen that will detail all the information an app is requesting when you go to authorize it to connect to your Instagram account. If you think it’s over-reaching, you can just choose “Cancel” instead of “Authorize.”
If you don’t have the new features now, just wait until sometime in 2020, I guess.