December 16, 2019 News Magazine

Apple reactivates Facebook’s employee apps after punishment for Research spying

After TechCrunch caught Facebook violating Apple’s employee-only app distribution policy to pay people for all their phone data, Apple invalidated the social network’s Enterprise Certificate as punishment. That deactivated not only this Facebook Research app VPN, but also all of Facebook’s internal iOS apps for workplace collaboration, beta testing and even getting the company lunch or bus schedule. That threw Facebook’s offices into chaos yesterday morning. Now after nearly two work days, Apple has ended Facebook’s time-out and restored its Enterprise Certification. That means employees can once again access all their office tools, pre-launch test versions of Facebook and Instagram… and the lunch menu.

A Facebook spokesperson issued this statement to TechCrunch: “We have had our Enterprise Certification, which enables our internal employee applications, restored. We are in the process of getting our internal apps up and running. To be clear, this didn’t have an impact on our consumer-facing services.”

Meanwhile, TechCrunch’s follow-up report found that Google was also violating the Enterprise Certificate program with its own “market research” VPN app called Screenwise Meter that paid people to snoop on their phone activity. After we informed Google and Apple yesterday, Google quickly apologized and took down the app. But apparently in service of consistency, this morning Apple invalidated Google’s Enterprise Certificate too, breaking its employee-only iOS apps.

Google’s internal apps are still broken. Unlike Facebook that has tons of employees on iOS, Google at least employs plenty of users of its own Android platform, so the disruption may have caused fewer problems in Mountain View than Menlo park. “We’re working with Apple to fix a temporary disruption to some of our corporate iOS apps, which we expect will be resolved soon,” said a Google spokesperson. A spokesperson for Apple said: “We are working together with Google to help them reinstate their enterprise certificates very quickly.”

TechCrunch’s investigation found that the Facebook Research app not only installed an Enterprise Certificate on users’ phones and a VPN that could collect their data, but also demanded root network access that allows Facebook to man-in-the-middle their traffic and even deencrypt secure transmissions. It paid users age 13 to 35 $10 to $20 per month to run the app so it could collect competitive intelligence on who to buy or copy. The Facebook Research app contained numerous code references to Onavo Protect, the app Apple banned and pushed Facebook to remove last August, yet Facebook kept on operating the Research data collection program.

When we first contacted Facebook, it claimed the Research app and its Enterprise Certificate distribution that sidestepped Apple’s oversight was in line with Apple’s policy. Seven hours later, Facebook announced it would shut down the Research app on iOS (though it’s still running on Android, which has fewer rules). Facebook also claimed that “there was nothing ‘secret’ about this,” challenging the characterization of our reporting. However, TechCrunch has since reviewed communications proving that the Facebook Research program threatened legal action if its users spoke publicly about the app. That sounds pretty “secret” to us.

Then we learned yesterday morning that Facebook hadn’t voluntarily pulled the app, as Apple had actually already invalidated Facebook’s Enterprise Certificate, thereby breaking the Research app and the social network’s employee tools. Apple provided this brutal statement, which it in turn applied to Google today:

We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization. Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple. Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.

Apple is being likened to a vigilante privacy regulator overseeing Facebook and Google by The Verge’s Casey Newton and The New York Times’ Kevin Roose, perhaps with too much power, given they’re all competitors. But in this case, both Facebook and Google blatantly violated Apple’s policies to collect the maximum amount of data about iOS users, including teenagers. That means Apple was fully within its right to shut down their market research apps. Breaking their employee apps too could be seen as just collateral damage since they all use the same Enterprise Certification, or as additional punishment for violating the rules. This only becomes a real problem if Apple steps beyond the boundaries of its policies. But now, all eyes are on how it enforces its rules, whether to benefit its users or beat up on its rivals.


Source: TechCrunch

Tags: in Uncategorized
Banner
Related Posts

PayPal-backed money lender Tala raises $110M to enter India

August 21, 2019

August 21, 2019

Tala, a Santa Monica, California-headquartered startup that creates a credit profile to provide uncollateralized loans to millions of people in...

PalmPay launches in Nigeria on $40M round led by China’s Transsion

November 13, 2019

November 13, 2019

Africa focused payment startup PalmPay has launched in Nigeria after raising a $40 million seed-round led by Chinese mobile-phone maker...

Startups Weekly: Will Trump ruin the unicorn IPOs of our dreams?

January 12, 2019

January 12, 2019

The government shutdown entered its 21st day on Friday, upping concerns of potentially long-lasting impacts on the U.S. stock market....

India’s ride-hailing giant Ola makes serious bet on two-wheeler

September 12, 2019

September 12, 2019

Ola, the largest ride-hailing service in India, said today its two-wheeler service — Ola Bike — is now operational in...

Why each Libra member’s mutiny hurts Facebook

October 12, 2019

October 12, 2019

There’s a strategic cost to the defection of Visa, Stripe, eBay, and more from the Facebook -led cryptocurrency Libra Association...

Fossil releases its latest Wear OS watch

August 5, 2019

August 5, 2019

Wear OS’s struggles have not been the result of a lack of trying from all parties. Google’s been trying in...

Rigetti launches the public beta of its Quantum Cloud Services

January 30, 2019

January 30, 2019

Rigetti Computing, one of the leading startups in the quantum computing space, today announced the public beta of its Quantum...

Google Nest Mini hands-on

October 15, 2019

October 15, 2019

Two years after the release of the Home Mini, Google’s back with the sequel. Well, “sequel” might be a bit...

Hayabusa2 lands on an asteroid and sends back amazing pictures to prove it

July 12, 2019

July 12, 2019

Japan’s Hayabusa2 mission to the asteroid Ryugu is an ambitious one to begin with, and the team recently made the...

Partech is doubling the size of its African venture fund to $143 million

January 31, 2019

January 31, 2019

Jake Bright Contributor Jake Bright is a writer and author in New York City. He is co-author of The Next...

Phantom Auto raises $13.5M to expand remote driving business to delivery bots and forklifts

April 18, 2019

April 18, 2019

Remote driving startup Phantom Auto has raised $13.5 million of financing in a Series A round led by Bessemer Venture...

The future of Uber is promoting Eats

September 26, 2019

September 26, 2019

Uber’s best bet is to use its ubiquity and product breadth to beat rivals in ride hailing, scooters, and food...

Tesla halts online sales ahead of Elon Musk announcement

February 28, 2019

February 28, 2019

Tesla buyers might have a hard time ordering a vehicle through its website for the next several hours. The “order”...

Google-backed Dunzo raises $45M to expand its hyperlocal delivery startup in India

October 4, 2019

October 4, 2019

An Indian startup that is increasingly posing a threat to established food and grocery delivery businesses and e-commerce giants just...

The 10 benefits and policies any modern workplace should have

June 6, 2019

June 6, 2019

Georgene Huang & Liv McConnell Contributor Georgene Huang is CEO and Co-founder and Liv McConnell is Associate Editor at Fairygodboss,...

Comments
Leave a Reply

Your email address will not be published. Required fields are marked *