Wednesday, 30 January 2019

Apple bans Facebook app that gathered user data, revokes enterprise certificate

Facebook app

One day after it was discovered that Facebook was violating Apple's policies and using its enterprise certificate to distribute a VPN app to users to collect their data, that app has been pulled and Apple has blocked Facebook's internal iOS apps.

First up, Apple has confirmed that the Facebook Research app has been banned. "We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization. Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple," the company told TechCrunch. "Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.”

Yesterday it was revealed that Facebook had been using its enterprise certificate to quietly get users between the ages of 13 and 35 to share their data via an app called Facebook Research. The users were being paid up to $20 per month to allow Facebook access to info like private messages in social media apps; chats, photos, and videos sent; emails; and web searches and browsing activity.

Not only is this a violation of Apple's Enterprise Developer Program, but it's especially notable because Apple previously removed a Facebook app called Onavo VPN for violating the App Store's data collection policies.

A new report from The Verge says that not only has Apple banned the Facebook Research app, but its decision to revoke Facebook's enterprise certificate has caused internal Facebook apps to stop working. That includes early versions of the Instagram and Facebook apps as well as apps meant for Facebook employees, like one for transportation.

Meanwhile, Facebook is disputing some aspects of the reports about its Facebook Research app. "Despite early reports, there was nothing ‘secret’ about this; it was literally called the Facebook Research App. It wasn’t ‘spying’ as all of the people who signed up to participate went through a clear on-boarding process asking for their permission and were paid to participate," Facebook told TechCrunch. "Finally, less than 5 percent of the people who chose to participate in this market research program were teens. All of them with signed parental consent forms.”

This is quite a situation between Apple and Facebook. It's no surprise that Apple banned the Facebook Research app and revoked Facebook's enterprise certificate after using it to distribute an app to the public. The fact that many of Facebook's internal apps are now broken is surely frustrating to Facebook and its employees, and you can bet that the company will try to get back in Apple's good graces so that it can continue to test its iOS apps and get its employee apps working again.


Apple bans Facebook app that gathered user data, revokes enterprise certificate originally posted at http://phonedog.com

No comments:

Post a Comment