[Ninn]

I believe that facebook in no way can accomplish this at scale without getting caught.

Even so, i recon that your approach to test them is flawed, instead you should either of the following:

1. Reverse engineer the applications that has access to actually capture audio from the microphone to start with, i.e. the Messenger app on android.

2. Create a kernel module/microphone driver, which records when and which applications actually access the microphone. If the facebook apps are actually found accessing the microphone outside of a user initiated scope, one could bring the experiment to the next level and record the same audio recoding and save it for later review.

I recon 1. has already been done by several researchers, especially in relation to bug bounty programs etc. but that doesnt really mean that you should try to do it again for your own research.