You may recall a few months back when a little-known Facebook app called Onavo was unexpectedly pulled from the iOS App Store amid accusations that the social network was using the app to spy on users -- under the guise of acting as a virtual private network (VPN) app intended for personal privacy.
According to an explosive story from TechCrunch that broke last night, Facebook wasn't actually done with Onavo, instead morphing it into a "Facebook Research" app targeted at teens -- a demographic that the social network has struggled to retain for a number of years. The main difference now is that Facebook Research is open about its data collection, and users are financially compensated for their participation.
However, security expert Will Strafach told TechCrunch, "[M]ost users are going to be unable to reasonably consent to this regardless of any agreement they sign, because there is no good way to articulate just how much power is handed to Facebook when you do this."
Apple apparently does not find Facebook Research to be materially different from the Onavo app it banned a few months ago, and now the Research app has been pulled from the App Store as well.
According to Recode, Apple was particularly concerned about Facebook leveraging the Developer Enterprise Program meant for internal use; DEP can allow an app to have much deeper access into iOS, which is otherwise more restrictive than Android, by design. DEP is not intended to be used with apps that are generally available to the public.
An Apple representative told Recode this morning, "Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data."
The Wall Street Journal indicated in August last year that Facebook had harvested usage data from Onavo's users for several years and used that to inform the decisions to purchase Instagram in 2012 and WhatsApp in 2014; WhatsApp's co-founders Jan Koum and Brian Acton both resigned in the wake of disagreements with Facebook over data privacy, and Facebook's security chief Alex Stamos quit shortly after the Journal report.
According to Business Insider, however, Jan Koum was allowed to stay on at Facebook in a limited capacity for several more months, in order to vest about a half billion dollars in remaining stock options.
FOLLOW Download.com on Twitter for all the latest app news.
Despite all of this, the Android version of the Onavo Protect app remains on the Google Play Store, whose description says in part, "As part of providing these features, Onavo may collect your mobile data traffic. This helps us improve and operate the Onavo service by analyzing your use of websites, apps and data.
"Because we're part of Facebook, we also use this info to improve Facebook products and services, gain insights into the products and services people value, and build better experiences."
For the record, legitimate VPNs designed for private use do not collect user data as a rule -- since the whole point of such a product is to improve the user's security and privacy. If you're looking for VPNs on the Android side, we strongly recommend avoiding Onavo and choosing something like NordVPN, ProtonVPN, IVPN or Private Internet Access.
- Recode reports that Apple has removed the Facebook Research app from its App Store, due to misuse of the Developer Enterprise Program; Apple prohibits developers from using the DEP in an app that is available to the general public.
- TechCrunch indicated in a report last night that Facebook Research contained many similarities to the social network's Onavo VPN app, which was banned from the App Store last year due to privacy concerns.
- Vero is a more 'authentic social network' than Facebook, according to CEO Ayman Hariri
- Does Facebook ad targeting ignore your location privacy settings?
- Facebook tackles Russian fake news operation followed by 790,000 accounts
- Facebook could face record fine from US regulators, report says (CNET)
- Russia: We're suing Facebook, Twitter for snubbing law on storing users' data locally (ZDNet)
- Hackers impersonate these 10 brands the most in phishing attacks (TechRepublic)