Another day, another Facebook controversy. The latest backlash follows a TechCrunch report that the company was secretly paying teenagers to access their data and basically monitor their every move on the web. Facebook was asking people to install a VPN app called Facebook Research that gave it full access to a user's phone and internet activity. That, according to security expert Will Strafach (who helped TechCrunch with the investigation), gave the company the ability to continuously collect "private messages in social media apps, chats from in instant messaging apps (including photos/videos sent to others), emails, web searches, web browsing activity and even ongoing location information."
And what did these teens get in exchange for giving up every last illusion of privacy? Twenty dollars in e-gift cards per month. For a company that's been involved in countless data-privacy scandals in recent months, Facebook has a lot of nerve. Rather than changing its approach to collecting people's personal data, especially in the wake of the Cambridge Analytica scandal, Facebook continues to test the limits of what it can get away with.
By using its developer credentials to do this, Facebook bypassed Apple's TestFlight beta-testing program and instead let users download it from three other services: BetaBound, uTest and Applause. One of the beta-testing services Facebook used, Applause, went as far as asking users to provide a screenshot of their Amazon purchase history. Which is just shameless.
Apple's decision to block Facebook from the Enterprise Developer Program is going to make it difficult to beta-test its various apps, including Messenger and Instagram. Beyond that, Apple CEO Tim Cook hasn't shied away from criticizing Facebook's privacy standards, and this is only going to heighten the tension between him and Mark Zuckerberg.
Facebook might argue that the people who signed up for the Research program (which reportedly targeted users between ages 13 and 35) consented to have their data harvested. But it's not as if the company was being explicit about its involvement, since it was essentially hiding behind BetaBound, uTest and Applause as a "social media study." Per TechCrunch, it wasn't until a minor tried to sign up that a parent-consent form revealed that the data being collected would be provided to Facebook.
Here's how that form read: "There are no known risks associated with the project, however you acknowledge that the inherent nature of the project involves tracking of personal information via your child's use of apps."
Since TechCrunch's investigation came out on Tuesday night, Facebook has said it is shutting down the program for iOS users, though it will still be available on Android. Google has not replied to our request for comment, but TechCrunch is now reporting that it, too, has a data-collecting application (called Screenwise Meter) that sidesteps Apple's App Store.
Meanwhile, in a statement to Engadget, Facebook disputed the TechCrunch story on its Research program, saying that "key facts" are being ignored. "Despite early reports, there was nothing 'secret' about this; it was literally called the Facebook Research App," Facebook said. "It wasn't 'spying' as all of the people who signed up to participate went through a clear on-boarding process asking for their permission and were paid to participate. Finally, less than 5 percent of the people who chose to participate in this market research program were teens. All of them with signed parental consent forms."
Still, as Facebook is already under heavy scrutiny for mishandling user data, the revelation about the existence of the Research app couldn't come at a worse time. It shows, yet again, Facebook's carelessness and inability to read the room. If lawmakers were concerned before and felt Facebook was in need of tougher regulation, surely this is only going to add more scrutiny.
But even if that small percentage did have permission from their parents to participate in the program, and assuming those parent signatures weren't faked, most companies would draw a line at exploiting children. Facebook's ruthlessness, however, appears to have no boundaries.