Facebook and Google have violated Apple's policies by distributing applications that monitor user behavior outside the Apple App Store, as reported by TechCrunch. Apple has temporarily banned Facebook and Google from running internal software, sending a strong message.
Monitored users on Facebook (with consent)
Facebook likes to know as much as possible about its users and what they spend your time doing, both on Facebook and on the web. Remember, despite what he says, Facebook's customers are not you (the person who uses the social network), but ad networks and other companies interested in your data. Facebook also wants to know why and when to use alternatives to the social network.
To better track what users are doing outside of Facebook, the company created a volunteer program called "Facebook Research App" that worked as a VPN when it is installed on the phones. The VPN sent data to Facebook, including visited websites, sent messages, photos, videos, and so on. The application also required users to install a root certificate, which allowed tracking of data that would typically be encrypted. The volunteers chose to install the application and received $ 20 a month in electronic gift cards
Whether the volunteers have fully understood the amount of data they have given is uncertain. The application contained explanations and a service contract, but, as we all know, many people do not read beyond the $ 20 offer; they go directly to the OK button.
Early reports suggested that Facebook specifically targeted teens, but this does not appear to be the case as the company said that most of the users were adults. Facebook also stated that minors must apply for parental permission, but some tests have shown that parental verification does not always work as expected and that a minor could enroll in the program. without proving the parent's consent.
Facebook abused a business tool
Here's the key to understanding this story: Facebook did not distribute this app in the usual way via the Apple App Store. Apple previously forbidden a Facebook-like VPN application belonging to their App Store, called Onavo Protect and modified their terms of service to limit data collection to that directly related to the application.
Facebook has bypassed this problem by distributing the app outside of the App Store. Lateral loading of an application on iPhone This is normally neither easy nor simple for most people, but Facebook had an advantage here. As a large company, Apple has granted a special certificate authorizing the distribution of applications outside the Apple App Store. This process is aimed primarily at testing future applications (internal beta) and business access applications (such as a corporate social network or a restaurant menu system). ;business).
Apple made understand that these certificates should not be distributed to average users and that applications designed for these certificates should remain internal to the company. Apples Flight of test is the only method approved by Apple for beta testing with users, but it maintains strict limits and still relies on the App Store. Despite this rule, Facebook used the certificate to install its Facebook Research application on volunteer phones, volunteers who did not work for Facebook.
Apple shut down Facebook's internal apps
Because of this violation, Apple revoked the certificate allowing these internal applications to work. This broke Facebook Research's application and Facebook's internal applications, including test, transport and restaurant menu apps. It is unclear how many employees were directly affected.
Apple's stock has not blocked Facebook apps available on the App Store, including Facebook, Messenger and WhatsApp. Facebook has since stopped Facebook Research on iOS, but a similar application is still available on Android.
Apple has restored Facebook's ability to run internal applications about a day later, and everything is back to normal.
Google also had a tracking app
Google had a similar program called Screenwise Meter in place, and Google has distributed it with the same certificate method on iOS. Google does not seem to have monitored the encrypted data. In addition, the first volunteer in a household to register had to be 18 years of age or older, and then that adult could add a minor. Similar to Facebook, Google pays volunteers $ 20 a month for providing their data.
Apple has also closed Google's internal iOS applications, citing the same rule violation, and Google has downloaded the iOS Screenwise Meter application. Google said that Screenwise Meter should not have been distributed this wayand Apple has also reinstated Google's internal iOS apps.
Again, this does not affect Google apps on the Apple App Store. Google continues to offer Screenwise Meter on Android.
As far as the two companies are concerned, paying the users to collect this bulky data is perfect. They are not alone. On the contrary, compared to grocery reward cards, it's more transparent. This is similar to the Nielsen company, which follows television habits, but on a larger scale.
Apple was not happy that its policies were being violated
Apple was not happy with how Facebook and Google have bypassed its App Store policies, breaking corporate licensing rules by distributing certificates to non-employees. Facebook did all this despite a direct warning from Apple that it bar this kind of data tracking.
By disabling internal business applications, Apple sent a direct message that this behavior was unacceptable. Apple has managed to send a strong signal to Facebook and Google without breaking the applications that normal users of Facebook and Google rely on. You can still use Facebook apps on your iPhone, but employees can not launch their internal apps for a day or two.
Has Apple abused its power?
This event reminds you that Apple controls its mobile operating system and the code that can run on it. Apple not only organizes authorized apps in the App Store, but can also remove and revoke access to those apps if needed. That's what Apple does when malware is discovered in an application that has slipped, for example.
The company intervened to enforce its policies, which Facebook and Google had violated. Apple has probably received assurances that Facebook and Google will behave in the future before restoring their ability to run internal applications, but we do not know what has been discussed between companies.
Apple has always operated iOS as a tightly controlled "closed garden," unlike the "Wild West" of Google's Android, and we now all know what we're endorsing. If the control of the operating system by Apple bothers you, you have at least one alternative: Android.
But this type of control is not unique to Apple. Although Google does not organize the Play Store directly, he can and has removed store apps and user phones. Google sparingly exercises this power and usually removes malicious applications to protect users, but the effect is ultimately similar.