Facebook Shutting Down Controversial Research VPN App For iOS [Update: Apple Pulled the Certificate]

BY Rajesh Pandey

Published 30 Jan 2019

An explosive report from TechCrunch detailed how Facebook was paying teenagers $20 per month to track their app usage habits and browsing history via its Research VPN app. In response to that report, Facebook has confirmed that it will be shutting down its controversial research program on iOS.

The research program violated Apple’s developer guidelines with Facebook using third-party beta services to bypass using Apple’s TestFlight restriction of 10,000 beta testers. Despite the controversy, Facebook intends to continue offering the Research VPN app for Android users.

The controversial research program has been running since 2016 with Facebook paying unsuspecting users of 13 to 35 years in age up to 20$ per month for acquiring their app usage habits and browsing history. In some cases, Facebook even asked some users to upload a screenshot of their Amazon order history page.

To get users to join its controversial research program, Facebook runs “Project Atlas” ads on Snapchat and Instagram and does not mention that it is the one running this research program. Facebook has also issued a statement to TechCrunch saying that important facts about the research program were ignored by the report.

“Key facts about this market research program are being ignored,” the company said. “Despite early reports, there was nothing ‘secret’ about this; it was literally called the Facebook Research App. It wasn’t ‘spying’ as all of the people who signed up to participate went through a clear on-boarding process asking for their permission and were paid to participate. Finally, less than 5 percent of the people who chose to participate in this market research program were teens. All of them with signed parental consent forms.”

It also clarified that the Research program was not intended to replace its Onavo VPN app, though the functionality and the shared codebase of the apps seem to suggest otherwise.

Our Take

Facebook had a pretty bad 2018 due to various data leaks and 2019 has not really started on a positive note for the social networking giant. Facebook really needs to go into damage control mode and look at its business practices. It might have managed to build an empire on such unethical practices but it will need to clean up its act now if it wants to sustain its massive user base.

Update: Turns out, it was Apple that pulled the developer certificate used by Facebook for running its research program. The company says that its Enterprise Developer certificates are to be strictly used for internal testing of apps in an organization.

We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization. Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple. Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.

[Via TechCrunch]