X

Apple knocks Facebook with shutdown over app privacy flap

The social network was paying people, including teens, $20 a month to collect their data. Apple says it took action to protect its users.

Zoey Chong Reporter
Zoey is CNET's Asia News Reporter based in Singapore. She prefers variety to monotony and owns an Android mobile device, a Windows PC and Apple's MacBook Pro all at the same time. Outside of the office, she can be found binging on Korean variety shows, if not chilling out with a book at a café recommended by a friend.
Queenie Wong Former Senior Writer
Queenie Wong was a senior writer for CNET News, focusing on social media companies including Facebook's parent company Meta, Twitter and TikTok. Before joining CNET, she worked for The Mercury News in San Jose and the Statesman Journal in Salem, Oregon. A native of Southern California, she took her first journalism class in middle school.
Expertise I've been writing about social media since 2015 but have previously covered politics, crime and education. I also have a degree in studio art. Credentials
  • 2022 Eddie award for consumer analysis
Zoey Chong
Queenie Wong
5 min read
facebook-f8-mark-zuckerberg-2018-0263
James Martin/CNET

Facebook has run into trouble with Apple over a controversial data-collecting app the social network used for market research, and that could impact Facebook's ability to test other apps internally.

Facebook paid people between the ages of 13 to 35 up to $20 per month along with referral fees to download an app that allowed the company to access a user's phone and web activity as part of market research. That software gives Facebook access to the users' data including web searches, location data and private messages.

On Wednesday,  Apple  blocked Facebook from offering the Facebook Research app to iPhone users. Facebook sidestepped Apple's review process for consumer apps by going through a program that allows companies to create apps for their employees to use and test.

"We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization," Apple said in an emailed statement. "Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple."

The iPhone maker said it revoked Facebook's enterprise certificates because it used these privileges to distribute apps to consumers. Apple said it pulled Facebook's certificate to protect its users and their data. 

Facebook announced earlier it would pull the Facebook Research app for iPhone users, according to TechCrunch, which earlier had reported on the existence of the app. The company did not respond to questions about whether the Facebook Research app will still work for Android users.

In an emailed statement, Facebook noted it didn't share the data it got with anyone and that people can opt out whenever they want.

"Key facts about this market research program are being ignored. Despite early reports, there was nothing 'secret' about this; it was literally called the Facebook Research App," a spokesperson said.

Facebook also disputed that it was spying on users.

"It wasn't 'spying' as all of the people who signed up to participate went through a clear on-boarding process asking for their permission and were paid to participate," the spokesperson said.

The company downplayed the use of the app by teenagers.

"Less than 5 percent of the people who chose to participate in this market research program were teens. All of them with signed parental consent forms," the spokesperson said. Since 2016, fewer than 150,000 people participated in the market research program, according to Facebook. 

Some privacy experts say consumers should stay away from this type of market research or read the fine print carefully if they're considering taking part.

"I think it's highly unlikely that the vast majority of the people who went through this whole process really knew the kind of power they were giving Facebook when they clicked OK to install this (app)," said Bennett Cyphers, a staff technologist for the Electronic Frontier Foundation. 

Facebook's loss of the certificate means that the company can't distribute any internal iOS apps, according to The New York Times. That means that beta versions of software involving changes to Facebook, Instagram, and Messenger apps, as well as some employee apps, have stopped working, the publication reported, citing an unnamed person familiar with the situation.

Facebook confirmed that Apple's decision impacted apps used by Facebook employees. 

Watch this: Apple, Facebook support more privacy laws

A clash over data privacy

The conflict is the latest example of Apple and Facebook butting heads. Facebook's apps are among the most popular available in Apple's App Store, but the two are near polar opposites when it comes to security and privacy. Apple makes money from selling us gadgets like the iPhone, not from collecting user data, which is Facebook's strategy.

Apple CEO Tim Cook has criticized Facebook CEO Mark Zuckerberg and the social network's practices. He's said that Facebook failed to regulate itself, prompting the need for government intervention. During an interview with Vice late last year, Cook said he views "privacy as one of the most important issues of the 21st century."

But Facebook isn't the only tech firm to land in hot water. Google may have also violated Apple's rules by distributing an app called Screenwise Meter that allows the search giant to analyze a person's iPhone usage. 

Internally, the clash between Apple and Facebook has angered the social media company's employees, according to Business Insider. An internal memo obtained by the news outlet shows that the move by Apple is affecting apps used by employees, including a workplace version of Facebook and an app to hail rides. 

Facebook, which makes billions of dollars from selling ads, is still trying to rebuild trust with its users after a series of scandals. 

In March 2018, Facebook became embroiled in a scandal over the Cambridge Analytica research firm and its sharing of data on as many as 87 million Facebook users. That controversy, along with other aspects of Facebook's handling of privacy issues, took center stage at hearings before the US Congress.

Earlier reports pointed out that the app is similar to Facebook's Onavo Protect app, which Apple previously banned over violations of its privacy rules. Facebook removed the Onavo app in August. 

Apple has also chastised other companies for violating its policies in the past. Apple CEO Tim Cook once threatened to yank Uber's app. The problem arose after Uber reportedly built a feature into its app that could secretly identify and tag iPhone users, even after the app was deleted from users' phones.

As tech firms face calls for more regulation, some privacy groups are hoping that Facebook's latest scandal will be the straw that finally breaks the camel's back.

"Hopefully," Cyphers said, "this can serve as yet another cautionary tale of what these companies will do if they're not properly regulated."

CNET's Shara Tibken and Dara Kerr contributed to this report.

First published Jan. 30, 7:03 a.m. PT.
Updates, 8:45 a.m.: Adds information about problems with internal app development at Facebook; 12:19 p.m.: Includes background about Apple's clash with Facebook and other tech firms; 5:15 p.m.: Adds comment from EFF; Jan 31 at 10:05 a.m.: Includes the number of participants in Facebook's market research program. 

Cambridge Analytica: Everything you need to know about Facebook's data mining scandal.

CNET Magazine: Check out a sample of the stories in CNET's newsstand edition.