Desperate for its competitors' data, Facebook is secretly paying people to install a "Facebook Research" VPN that allows the company to siphon a user's phone and network activity, much like Facebook's "Onavo Protect" app, which Apple banned in June and removed in August. Facebook is bypassing the App Store and rewarding teens and adults to download the research app and give it access rights to network traffic, which could be a violation of Apple's rules for the social network to decrypt and analyze phone activity, TechCrunch's investigation confirms.
Facebook admitted to TechCrunch that it was running a research program to collect data on usage habits and has no plans to stop.
Since 2016, Facebook has paid users between the ages of 13 and 35 up to $20 per month plus referral fees to sell their privacy by installing the "Facebook Research" app on iOS or Android. Facebook has even asked users to screenshot their Amazon order history. The program is being managed through Applause, BetaBound and uTest beta tests to hide Facebook's involvement and is referred to in some documents as "Project Atlas" - an appropriate name for Facebook's efforts to map new trends and rivals around the world.
Guardian Mobile Firewall security expert, Will Strafach, when asked to copy his Facebook research application, and told us that "if Facebook takes full advantage of the level of access they give them by asking users to install a certificate, they will have the ability to continuously collect the following types of data:
private messages in social media applications,
chats From instant messaging apps - including photos/videos sent to other people,
email messages,
Internet search,
Web browsing,
and even current location information,
tapping the feeds of any location-tracking apps you've installed. "It's not clear exactly what data Facebook is concerned with, but it has almost unlimited access to a user's device once the app is installed.
The strategy shows how far Facebook is willing to go and how much it is willing to pay to protect its dominance - even risking a breach on the Apple iOS platform it depends on. Apple may try to block Facebook from further distributing its research app or even revoke its permission to offer the app only to employees, and the situation could further sour relations between the tech giants. Apple's Tim Cook has repeatedly criticized Facebook's data collection practices. Facebook disobeying iOS politicians to siphon off more information could become a new talking point. TechCrunch contacted Apple and is aware of the issue, but the company did not provide a statement before press time.
Facebook surveillance application
Facebook first got into the data-intensive business when it acquired Onavo for about $120 million in 2014. The VPN app helped users track and minimize their use of the mobile data plan, but also provided Facebook with detailed analytics on other apps they used. Internal documents acquired by Charlie Warzel and Ryan Mac of BuzzFeed News revealed that Facebook was able to use Onavo to learn that WhatsApp sends more than twice as many messages per day as Facebook Messenger. Onavo allowed Facebook to see the rapid growth of WhatsApp and justify paying $19 billion to buy the chatbot startup in 2014. WhatsApp has tripled its user base, demonstrating the power of Onavo's foresight.
Since then, Onavo has tied Facebook to what apps to copy, features to build, and flops to avoid. Until 2018. Facebook promoted the Onavo app in the Protect tab of Facebook's main app, hoping to get more users to eavesdrop. Facebook also launched the Onavo Bolt app, which allows you to lock apps behind a password or fingerprint while you investigate, but Facebook disabled the app the day it was discovered after privacy criticism. The main Onavo app remains available on Google Play and has been installed more than 10 million times.
TechCrunch recently received a tip that although Onavo Protect was exiled by Apple, Facebook was paying users to sideload a similar VPN app under a pseudonym Facebook Research outside the App Store. We investigated and learned that Facebook has partnered with three beta app testing services to distribute Facebook Research apps: BetaBound, uTest and Applause. Facebook has begun distributing the app Research VPN 2016. It was named Project Atlas since at least mid-2018, When there was a sharp turnaround on Onavo Protect, and Apple introduced new policies that ban Onavo. [Update: Previously, a similar program was called Project Kodiak.] Facebook didn't want to stop collecting data on people's phone usage, so the research program continued, disregarding Operation Onavo Protect's ban.
Ads (shown below) for a program run by uTest on Instagram and Snapchat sought teens ages 13-17 for a "paid social media survey." The sign-up page for the Facebook research program managed by Applause does not mention Facebook , but seeks users "Age: 13-35 (Parental consent required for ages 13-17)." If minors try to sign up, they ask for parental permission in a form that discloses Facebook's involvement and says: " There are no known risks associated with the project, however, you acknowledge that the inherent nature of the project involves the tracking of personal information through your child's use of the app. You will be rewarded by Applause for your child's participation. "For children who don't have the cash, payments may force them to sell their privacy to Facebook.
The Applause website explains what data could be collected by Facebook's research application:
"By installing the software, you are giving our customer permission to collect data from your phone that will help them understand how you browse the Internet and how you use the features of installed applications. . . This means that you allow our client to collect information about what applications are on your phone, how and when you use them , data about your actions and content in those applications, and how others interact with you or your content in those applications. You let also our client to collect information about your browsing activity (including sites visited and data exchanged between your device and those sites) and use of other online services. There are certain instances where our client will collect this information, even if the application uses encryption or from secure browser sessions. "
Meanwhile, the BetaBound sign-up page with a URL ending in "Atlas" explains that "for $20 per month (via e-gift cards), you will install the app on your phone and let it run in the background." offers $20 for a friend you refer. The site also makes no mention of Facebook, but Facebook Research's installation instructions reveal the company's involvement.
Once installed, users simply had to maintain a VPN connection and send data to Facebook to get paid. The program, managed by Aplauz, requested screenshots of Amazon orders from users. This data could potentially help Facebook tie browsing habits and use of other apps to shopping preferences and behavior. This information can be used to fine tune ad targeting and understand which types of users are buying something.
TechCrunch commissioned Strafach to analyze the Facebook Research app and determine where it is sending data. It confirmed that the data is being routed to the " vpn-sjc1.v.facebook" program.
Facebook is particularly interested in what teens are doing on their phones, as demographics increasingly abandon social in favor of Snapchat, YouTube and Facebook's acquisition of Instagram. Insights into how popular Chinese video music app TikTok and meme sharing is among teens led Facebook to release a clone called Lasso and begin developing a meme-browsing feature called LOL, TechCrunch first reported. But Facebook's desire for teen data is drawing criticism at a time when the company has been battered in the press. Analysts on Facebook's future earnings should find out what other ways it has to gather competitive intelligence.
To sum up, already our children are subjected to social engineering with their and our consent. Knowing how to navigate the web, they not only match ads to people, but also create ungodly fashion and have free intelligence in the form of storage and access to our chats on messenger or permission to text messages, photo galleries and phone voice.
All from our free will.
It's a shame that this is happening... 🙁