Facebook has been caught in a sticky situation over its Facebook Research app. It was reported by TechCrunch that Facebook paid users $20 to install the app on their iOS smartphones, which then harvested data about what other apps those users installed by routing their phone’s traffic through the Facebook servers.
It was discovered that Facebook paid users as young as 13 to install the Research app, though Facebook claims this was done with parental consent and made up less than 5 per cent of the user base. Despite that, security researcher Will Strafach has said that he doesn’t think Facebook made it clear enough to their users exactly what permissions were being granted.
Facebook don’t exactly have a glowing reputation when it comes to data collection and security; last year’s Cambridge Analytica scandal is testament to that. Recent court documents have also shown that Facebook allowed children to amass large bills for digital games and had rejected recommendations for controlling this for fear of hurting their bottom line. The Facebook Research app is another mark on their record.
Things got stickier when it was discovered that Facebook had built this app using an enterprise developer certificate. Apple give this to companies who need to build applications for internal use only. Clearly, this app was being used by far more people than just Facebook employees.
Apple were not happy to find this out, since it was a clear breach of terms, and revoked Facebook’s access to the developer program without warning Facebook.
“We designed our Enterprise Developer Program solely for the internal distribution of apps within an organisation. Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple,” said Apple in a statement to the Guardian. “Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.”
It’s a move that caused havoc at Facebook’s campus. According to reports from Business Insider, Facebook have a collection of internal apps that were rendered unusable because of their reliance on the enterprise developer certificate.
Employees couldn’t check food menus, call for office transport, or even use unreleased versions of Facebook and Instagram. These latter apps are distributed to employees, so they can test features before the general public – employees had to resort to downloading the public versions of these apps.
The license revoking particularly effected the main campus in Menlo Park, California. An app called Ride lets employees take a shuttle between buildings and another called Mobile Home is an employee informational portal. Both of these were down.
The Guardian contacted Facebook for comment but had received nothing by time of publication. Whether Apple will grant the necessary certificates to Facebook if they resolve the misuse on the Facebook Research app remains to be seen – otherwise the social network company will need to reconfigure their apps to function without it.
Facebook Face Apple's Wrath for Unauthorised Data Collection
No comments yet. Sign in to add the first!