Facebook Is Paying Teenagers to Install Its VPN, Which Monitors Their Network Activity in the Background ⇥ techcrunch.com

Josh Constine, TechCrunch:

Desperate for data on its competitors, Facebook has been secretly paying people to install a “Facebook Research” VPN that lets the company suck in all of a user’s phone and web activity, similar to Facebook’s Onavo Protect app that Apple banned in June and that was removed in August. Facebook sidesteps the App Store and rewards teenagers and adults to download the Research app and give it root access in what may be a violation of Apple policy so the social network can decrypt and analyze their phone activity, a TechCrunch investigation confirms. Facebook admitted to TechCrunch it was running the Research program to gather data on usage habits.

Since 2016, Facebook has been paying users ages 13 to 35 up to $20 per month plus referral fees to sell their privacy by installing the iOS or Android “Facebook Research” app. Facebook even asked users to screenshot their Amazon order history page. The program is administered through beta testing services Applause, BetaBound and uTest to cloak Facebook’s involvement, and is referred to in some documentation as “Project Atlas” — a fitting name for Facebook’s effort to map new trends and rivals around the globe.

Even for Facebook, this is creepy.

Here’s what I don’t get about this story — aside from, of course, the parts that would make any reasonable person shudder. Facebook has been embroiled in unethical behaviours since its inception, but public interest has dramatically increased over the past couple of years. How is there still not a single person at this company pushing the stop button on anything that might seem creepy? Is that something that they are institutionally incapable of doing, or even recognizing in the first place?

As far as Apple’s action on this is concerned, I say that they should exercise their power over their platform by cancelling Facebook’s enterprise certificate and pulling their apps from the App Store. I’m not exaggerating. I’ve tried to reconcile Apple’s allowance of Facebook’s privacy-antagonistic practices in the App Store while preaching their strong stance on privacy; I still think that surveillance advertising needs to be reined in by legislation as opposed to individual actions by companies. In this case, though, Facebook is being openly hostile towards Apple’s policies. Smaller developers get turfed for less.

Update: Kurt Wagner, Recode:

Apple’s response, via a PR rep this morning: “We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization. Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple. Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.”

Translation: Apple won’t let Facebook distribute the app anymore.

I hope Facebook is on a very short leash.