Facebook has been involved in a couple pretty high-priority scandals over the past year or so, and now it looks like another is happening.
A new report has revealed that since 2016, Facebook has been secretly paying people to sideload a Facebook Research app so that Facebook could gather data about them. Facebook was paying users ages 13-35 up to $20 per month to be a part of the program.
What makes this such a big deal is that Facebook was using its Enterprise Developer Certificate to get the Facebook Research app onto users phones. This certificate is supposed to only be used for distributing corporate apps internally to employees, but Facebook used it to avoid having its Facebook Research app reviewed by Apple as part of the App Store submission process.
This is notable because in 2018, Apple made Facebook remove a VPN app called Onavo from the App Store because it violated Apple’s data collection policies. Facebook has been using beta testing services like Applause, BetaBound, and uTest to get people to sign up for its Facebook Research app so that it could continue to learn about users. The effort was also referred to as “Project Atlas” in order to hide Facebook’s involvement.
Once a user joined the Facebook Research app, it’s possible that the social networking giant could get access to a user’s private messages in social media apps, chats from messaging apps, photos and videos sent to other users, emails, web searches and browsing activity, and ongoing location information. It’s unclear exactly what information Facebook is actively storing, though.
Facebook confirmed this Facebook Research program to TechCrunch, claiming that it’s actually in line with Apple’s Enterprise Certificate program. Here’s the company’s statement on the matter:
“Like many companies, we invite people to participate in research that helps us identify things we can be doing better. Since this research is aimed at helping Facebook understand how people use their mobile devices, we’ve provided extensive information about the type of data we collect and how they can participate. We don’t share this information with others and people can stop participating at any time.”
Apple has been made aware of what Facebook is doing, but the company hasn’t provided a statement on the matter. It’s unclear what, if anything, Apple plans to do in response.
This situation is notable because Facebook appears to be blatantly breaking Apple’s App Store rules by using an Enterprise Certificate meant for businesses and its employees so that it can continue to gather data on users. This is even after Apple made Facebook remove its Onavo VPN from the App Store due to its data collection. The fact that Facebook may have been gathering data on users as young as 13 with this Facebook Research app is a problem, too.
Now that Apple is aware of this matter, it’ll be interesting to see how the company responds. In the mean time, you can check out the full report on Facebook Research at the link below.