Apple Hits Back At Facebook For Privacy-Invasive VPN Targeted At Teens

Posted February 01, 2019

Every app the company built using its EDC was rendered inoperable, with users reportedly unable to even open the programs from their home screens.

Facebook confirmed the research program's existence to TechCrunch.

A detailed TechCrunch report highlights that Facebook has been running a "research" program where it asks users to install its "Facebook Research" VPN app on their device. "All of them with signed parental consent forms". The company is now unable to distribute internal, early versions of its apps like Messenger, WhatsApp, and Instagram to developers and employees internally.

For that trove of personal data, Facebook paid an unknown number of users aged between 13 and 35 up to $20 a month in e-gifts.

The "Facebook Research" VPN was offered to iOS and Android users who were paid up to $20 per month - plus referral commissions - to provide the social network with near-unfettered access to phone, app and web usage data (a Root Certificate is installed to give a terrifying level of access).

In addition to blocking the app, a key certificate was blocked which led to several of Facebook's internal testing apps not working anymore, Business Insider reported.

However: Facebook removed that app from the App Store previous year after Apple said the app violated store policies, according to The Verge.

Apple chief executive Tim Cook
Apple chief executive Tim Cook

"We designed our Enterprise Developer Programme exclusively for the internal distribution of apps within an organisation", Apple said in a statement. Google doesn't seem to be anxious that Apple will find it out. "We don't share this information with others and people can stop participating at any time", as told by a Facebook spokesperson to TechCrunch.

Among the data collected, the VPN was able to grab everything from private messages off of social media and messaging apps to screenshots of a user's Amazon order history page. Asked about it by The Associated Press, Google said it had disabled the app on Apple devices and apologized for its "mistake".

In August of past year, Apple asked Facebook to pull its virtual private network app Onavo from the App Store for violation of data collection policies. Last year, Facebook was hammered for failing to keep the personal information of its more than 2 billion users safe after news emerged that Cambridge Analytica, a United Kingdom consultancy, had acquired data without users' knowledge.

A similar app from the company called Onavo Protect was banned by Apple in June and removed from its App Store in August. Facebook is doing this program through beta testing services including Applause, BetaBound and uTest. In this case, Apple determined that Facebook's app went against the rules. Instead, he said Facebook was scooping up all incoming and outgoing data traffic from unwitting members of the public - in an app geared toward teenagers.

Facebook's collection of user data extends far beyond the service itself, as the company has been observed on multiple occasions illicitly extracting personally identifying information from users, often in circumstances-including these most recent developments-where their involvement was concealed. But it is still in mystery what kind of data Facebook is looking.

Facebook distributed the app to consumers through Apple's "Enterprise Developer Program".