TechCrunch – Facebook has entered a new personal data scandal because TechCruch has found that juvenile users have been unlawfully designed to install the Facebook Research spyware application for iOS and Android phones and pay them up to $ 20 a month using. As soon as Apple discovered that Facebook used the Enterprise Developer Certificate, it suspended Facebook certificates and forbade Facebook Research. It is currently on Android.
The story begins in 2014 when Facebook acquired Onavo for $ 120 million. This has become a Virtual Private Network (VPN) application that helped users monitor and minimize the amount of downloaded data. Facebook, as the owner of this app, has received information about internet user habits. For example, Facebook has learned that people are increasingly using WhatsApp and later bought them for $ 19 billion. Since then, WhatsApp has tripled the number of users, so the decision really paid off on Facebook.
But Facebook does not give up. Onava was gone and Facebook Research did the same, and it's mostly the same code. It turned out that Facebook has been distributing Facebook Research since 2016. It has been using the BetaBound, uTest and Applause platforms, also known as the Atlas project. But Facebook did not use the TestFlight platform, which is Apple's official beta testing platform. Instead of advertising for Instagram and Snapchat, young people aged 13 to 17 tried to participate in paid social networking studies. He offered them up to $ 20 a month to install the app (in the form of cards e-dar), but also for each affiliate friend (recommendation). In small print it was said that it was gathering all the information (news content, browsing history). After installation, users had to install the appropriate developer certificates and add Facebook Research among trusted root applications. This is inconsistent with the rules, as Apple explicitly allows companies to use them only for internal tests with their employees.
Facebook research uses the same unit as Onava. All communications (VPN only) are redirected to the server vpn-sjc1.v.facebook-program.com, which is also called Onava. The application is also automatically updated without user interaction and uses certificates from June 27, 2018 – when Apple has already said that such use of Onava is forbidden. Facebook did not make mistakes to continue using Facebook Research the same way. Facebook claims that these are different projects, but the same people work on them. The analysis also showed that apps are virtually identical because they both use the same terms and even brands.
Facebook discourages complaints, like many other businesses, to encourage people to participate in research programs to find out where they can improve. In this way they wanted to gather information about how people use their mobile phones. They add that they do not share data with third parties and that people can no longer cooperate.