A sketchy Facebook app banned by Apple earlier this year succeeded in collecting large amounts of personal data from around 187,000 users before it was pulled.
Sen. Richard Blumenthal asked Facebook to provide the numbers, including a breakdown of how many of the users were teenagers …
TechCrunch saw a copy of the letter.
The social media giant said in a letter to Sen. Richard Blumenthal’s office — which TechCrunch obtained — that it collected data on 31,000 users in the U.S., including 4,300 teenagers. The rest of the collected data came from users in India.
We warned about the original incarnation of the app back in February of last year. Marketed by Facebook as a free VPN service, its underlying purpose was to provide the social network with data on which websites you visited and which apps you used.
While the VPN app is designed to give users “peace of mind” and “an added layer of security” by routing your web browsing through its servers, the company also analyzes and collects users data to improve its services as well as Facebook’s products and services.
After a paragraph about the protection that Onavo provides and some bullet points on how the service works, the company states that it is essentially spyware, which is buried beneath the read more link on both the iOS App Store and the web.
Fast-forward to August of the same year, and Apple politely asked Facebook to remove the app from the App Store, which it did. However, that wasn’t the end of it.
Facebook then rebranded the app as Facebook Research, and started paying users to sideload it onto their iPhones using TestFlight – Apple’s system for allowing developers to recruit beta-testers for apps. It then required users to install an Enterprise Developer Certificate as well as a VPN, that would allow Facebook almost total access to everything done on the phone.
We finally saw the Facebook app banned by Apple in January of this year, though the social network continued for a time to maintain the Android version, before finally taking the hint.
Facebook would argue that there was full disclosure to Research app users about the data the company would be getting, and users could choose to agree or not, but the fact that it was paying teenagers was the most controversial aspect. To them, $20/month might seem like a lot of money, and cause them to agree to something that is far more intrusive than they would otherwise accept.