How to Check If Your Child Is Using Facebook’s Forbidden Research App

Posted on by

As you’ve probably already heard, Facebook – in its limitless wisdom – launched a program that pays your child (ages 13 to 35) a whopping $ 20 worth of gift cards every month in exchange for almost unlimited access to data. on their Apple or Android devices. By installing a custom root certificate, Facebook can see what websites they are browsing, what they say to their friends, and what they write in their emails, to name just a few examples of privacy breaches.

I am describing this in the present tense because this (seemingly) invite-only program still exists on Android. Apple isn’t that big, especially since Facebook’s new data mining deal is essentially just a rebranded version of its former spyware-turned-Onavo VPN app that Apple asked Facebook to remove from the App Store last year.

Embarrassed? I don’t blame you. Here’s the short version: Facebook wants to know the personal details of what you are doing on your device, and it has no problem doing its best to get it. If you’re concerned that a younger family member is paying for their monthly Fortnite DLC purchases while sharing their secrets to Facebook, let’s take a look at the basics of Facebook’s research program:

If Facebook gets caught, has the company apologized?

Ahahahahahaha no. Why would Facebook apologize when it feels like it hasn’t done anything wrong? Here is a statement that Gizmodo received from a Facebook spokesperson:

“Key facts about this market research program are being ignored. Despite early reports, there was nothing “secret” about this; it was literally called the Facebook Research App. This was not “espionage”, since all people who signed up to participate went through a clear connection procedure, asked for their permission and received money for participation. Finally, less than 5 percent of the people who chose to participate in this market research program were teenagers. All with signed parental consent forms. “

As you will see, the phrases “we’re sorry”, “sorry”, “uninstalling the app” and “never again” are not used in this statement. Facebook plans to continue “Explore Facebook” on Android, and it will likely do so on iOS if there was any other possible workaround it could use.

How long did it last?

Since 2016, according to the original TechCrunch report.

Can I register now?

Really ? If you even remotely think about it, your personal data costs well over $ 20 a month. And if you’re comfortable with streaming pretty much everything you do to Facebook, you can also give your friends the passwords to your accounts and let them go to town as you don’t seem to care too much about your privacy.

In any case, it seems, a link to a subscription to Betabound for the program is no longer active, so it is unclear whether you can register to participate. I suspect Facebook is about to change how programmatic invites work, given the protests, but I wouldn’t expect them to end. After all, you can still download the Apple-banned Onavo app from Google Play.

There is no information on whether those who previously participated in the program will be able to continue, but I do not understand why not. Get some of that sweet referral money , right?

Why is Apple so concerned about this and not Google?

Different platforms; different rules. Apple has a stricter privacy policy for apps than Google. When Apple told Facebook that it should voluntarily remove Onavo from the App Store last year, Apple also released this statement:

“In the latest update to our guidelines, we made it clear that apps should not collect information about what other apps are installed on a user’s device for analytics or advertising / marketing purposes, and should clearly state what user data will be collected. and how it will be used. “

Google didn’t say anything about the Onavo app at the time, and the app doesn’t seem to have generated any kind of reaction from Google since then. As I mentioned, you can download it right now if you like. ( Shouldn’t .)

As for Facebook Research, you won’t find an app with that name on the Google Play store. I am not a member of the program, but I am assuming that members receive a link to download the app to their devices when they register to participate. And when you do, the app installs a new certificate and VPN on your device, and this is how Facebook can get an idea of ​​just about everything you do.

But Apple is angry, right?

I would say so. Since Facebook knows that a rogue VPN app is likely to be an open season for the Apple App Review team, the company instead took advantage of the Enterprise Developer Program to install the app on members’ iOS devices.

The program should allow companies to install customized or proprietary apps on employees’ devices. Since this is all done internally, these apps won’t go through the App Store and won’t trigger any reviews from Apple.

Putting the pieces together? Facebook has asked its program members to install an Enterprise Developer Certificate and VPN. According to the now defunct registration page for the research program, this will give Facebook the ability to collect:

  • information such as which applications are installed on your phone
  • [info about] how and when you use them
  • data about your activities and content in these applications, as well as how other people interact with you or your content in these applications.
  • information about your online activity (including the websites you visit and the data exchanged between your device and those websites) and your use of other online services.

Since then, Apple has realized what Facebook is doing behind the scenes, and the spokesman’s statement in response to Facebook’s devious tactics is rather discouraging:

“We designed our enterprise developer program exclusively for internal distribution of applications within the organization. Facebook used its membership to distribute a data collection app to consumers, in clear violation of their agreement with Apple. Any developer who uses corporate certificates to distribute applications to consumers will have their certificates revoked, which we did in this case to protect our users and their data. “

Yes, and by revoking that certification, Apple has made it impossible for Facebook to distribute its own internal applications . Reap what you sow, Facebook.

How do I know if I (or my child) share all of this data with Facebook?

If you’re using iOS, go to Settings > General > Profiles . Most people shouldn’t have anything here, unless their job requires them to install a profile to access various work-related applications and services. If you see your Facebook Research profile, delete it. You can also check the VPN section on the general screen to see if anything Facebook-related is installed (or active).

On Android, you should simply find the Facebook Research app. If it exists, remove it. You can also check if your device has any strange VPN connections by going to Settings > Network & Internet > Advanced > VPN , and any unwanted certificates by going to Settings > Security & Location > Advanced > Encryption & Credentials > Trusted Credentials> User. tab .

Can I use the Facebook app?

Certainly. But do you really want it ?

Is anyone else going to hit Apple for launching a program like this?

Cook’s gaze turns to the lands of Mountain View . Google has a similar program, Screenwise Meter , which exploits the same Enterprise Developer Certificate loopholes as the Facebook app. Take your popcorn.

More…

0
Uncategorized

Leave a Reply