Facebook and Google have been violating Apple’s policies, distributing apps that tracked user behavior outside Apple’s App Store, as TechCrunch reported. Apple temporarily banned Facebook and Google from running internal software, sending a strong message.
Facebook Monitored Users (With Consent)
Facebook likes to know as much as possible about its users and what they spend your time doing, both on and off Facebook. Remember, despite what it says, Facebook’s customers aren’t you (the person who uses the social network), but ad networks and other companies interested in your data. Facebook also wants to know why and when you use alternatives to the social network.
To better track what users are doing outside Facebook, the company created a volunteer program called the “Facebook Research App” that functioned as a VPN when installed on phones. The VPN sent data to Facebook, including websites visited, messages sent, photos, videos, and more. The app also required users to install a root certificate, which allowed tracking data that would typically be encrypted. Volunteers had to choose to install the app, and received $20 a month in e-gift cards
Whether or not volunteers fully understood how much data they gave away is questionable. The app did have explanations and a terms of service agreement, but, as we all know, many people don’t read past the $20 offer; they skip straight to the OK button.
Early reports suggested Facebook targeted teenagers specifically, but that seems not to be the case as the company has stated that most users were adults. Facebook also said that minors were required to request parental permission, but some testing has shown that parental verification didn’t always work as intended and it could be possible for a minor to sign up for the program without proving parent consent.
Facebook Abused an Enterprise Tool
Here’s the key to understanding this story: Facebook didn’t distribute this app the usual way through Apple’s App Store. Apple previously banned a similar Facebook-owned VPN app from their App Store called Onavo Protect and changed their terms of service to limit data collection to only that related directly to the app.
Facebook stepped around this problem by distributing the app outside the App Store. Sideloading an app on iPhone normally isn’t easy or straightforward to the average person, but Facebook had an advantage here. As a large company, Apple granted a special certificate allowing distribution of apps outside of Apple’s App Store. The primary purpose of this process is for testing future apps (internal betas) and corporate-access apps (such as a corporate-only social network, or a company restaurant menu system).
Apple makes it clear that these certificates are not to be handed out to the average users, and that apps built for these certificates should remain internal to the company. Apple’s TestFlight is the only Apple-sanctioned method for beta testing with users, but retains strict limits and still relies on the App Store. Despite this rule, Facebook used the certificate to install their Facebook Research app on volunteer’s phones—volunteers who did not work for Facebook.
Apple Shut Down Facebook’s Internal Apps
Read the remaining 16 paragraphs
Source : Did Apple Really Ban Facebook and Google’s Apps? Why?
