Facebook paid teens $20 per month to install ‘research’ app that spies on them

“Reportedly dubbed ‘Project Atlas’ internally, Facebook’s VPN bypasses Apple’s policies and pays teens up to $20 per month to install their ‘research’ app for complete access”

It probably won’t come as a major surprise anymore when you hear of Facebook being involved in a privacy breach. The social media platform has just faced severe criticism for attempting to unify the code bases of WhatsApp and Instagram, two services which it acquired (incidentally, with promises of allowing them autonomy) with Messenger, its own messaging platform that spun off Facebook’s native app. Now, an investigative report by TechCrunch has unraveled what the company has been up to, of late, in line with Mark Zuckerberg’s obsession with tapping into user data in order to maintain Facebook’s monopoly on the internet — even if that comes at the cost of destroying all notions of privacy and establishing a surveillance state.

To do so, Facebook appears to have built what it calls the ‘Facebook Research’ app, and consciously placed it outside of Apple’s App Store and the purview of its privacy policies. It has then listed its ‘Research’ programme under beta testing services BetaBound, uTest, and Applause. Apple’s privacy policy stops an app from collecting and transmitting data about other apps on a phone, or any data that is not necessary to its own functioning. Interestingly, while Facebook chose the three aforementioned testing platforms, it sneakily avoided TestFlight — Apple’s official beta testing platform that restricts the usage of an app to only 10,000 participants and, more importantly, requires an app to be reviewed by Apple before being put on it.

Facebook

What Facebook did, instead, is to list it on other, less stringent beta testing services, which allowed it to mask its involvement in this surveillance programme, at least initially. It then spread its arms around unsuspecting individuals, with the target age being between 13 and 35, and rolled out monetary rewards for anyone willing to participate. For teenagers that also happen to be Facebook’s most valuable data mines, an award of $20 every month was alluring, particularly since all they had to do was download an app, grant it all permissions that it asked for, and make sure that it ran in the background while they went about their usual day of posting updates on Instagram, shopping on Amazon, streaming on Netflix, or releasing snaps on Snapchat.

An excerpt from the TechCrunch report, which states everything that Facebook does with this app as described on Applause, reads as follows:

By installing the software, you’re giving our client permission to collect data from your phone that will help them understand how you browse the internet, and how you use the features in the apps you’ve installed . . . This means you’re letting our client collect information such as which apps are on your phone, how and when you use them, data about your activities and content within those apps, as well as how other people interact with you or your content within those apps. You are also letting our client collect information about your internet browsing activity (including the websites you visit and data that is exchanged between your device and those websites) and your use of other online services. There are some instances when our client will collect this information even where the app uses encryption, or from within secure browser sessions.

Enabling the Root Certificate for the Facebook Research app, once downloaded as an unverified entity on to a phone, literally gives it the ability to report on every single thing that you do on your phone, including looking inside specific apps. This theoretically allows Facebook to collect data on what other services you use, what products you look for and how frequently you use services that it deems to be its competition. This not only would allow it to stretch its targeted ad revenue exponentially further, but also stifle competitions by reading into what features are being preferred by specific age groups, which features are obsolete, and other usage trends.

Facebook 2

It was also caught doing the same with the Onavo Protect VPN app, which raised widespread fury over its data collection practices, following which it stated to have stopped using it. That, evidently, only meant having shifted over to other means, and as per TechCrunch‘s report, even much of the source code of the two apps remain the same.

Facebook’s Project Atlas, hence, is the privacy-killing, widespread surveillance tool that gives Facebook every bit of your everyday information. Whether it is used or not, and to what extent, is the more difficult bit. As stated in the report, Facebook has confirmed and acknowledged the continued usage of it and has shown no intent behind stopping.

Apple has also shown awareness behind the existence of this programme but has so far not declared any step of action for this. If you still had any expectation of having “private” conversations on the internet, it seems to be a rather outlandish idea right now.

A lover of anything that has a circuit and involves physics, Shouvik is passionate about technology, science and journalism in equal parts. When not at work, he prefers reading up on ancient history, sports and engineering, going on random photography expeditions, and occasionally a long solo drive. He's also neck-deep into science fiction, and is working on a debut novel that he hopes will one day be read by Steven Erikson.
Facebook Comments
SOURCETechCrunch