The fallout from the Cambridge Analytica data leak (and a seemingly unending string of privacy scandals ever since) has strained Facebook’s relationships in Silicon Valley, but none is currently more contentious than the social media company’s intensifying conflict with Apple.
This week, the feud hit a flash point. A TechCrunch report revealed that since 2016, Facebook has been using an app called Facebook Research to pay iOS and Android users as young as 13 years old $20 per month in exchange for root-level access to their entire digital lives: smartphone app histories, location data, private messages, purchase habits, and more. Approximately 5 percent of the program’s participants were teenagers.
Apple changed its privacy guidelines last summer to stop iOS apps from performing this kind of data collection, and banned Facebook’s Onavo Protect VPN app for doing just that. The Facebook Research app, internally codenamed “Project Atlas,” skirted the App Store approval process by misusing Apple’s Developer Enterprise Program, which lets Apple partners “sideload” apps, or bypass the App Store in order to distribute beta apps for employees to test.
Facebook leveraged the Developer Enterprise Program to distribute its pay-for-surveillance VPN app through beta testing services Applause, BetaBound, and uTest, but clearly violated Apple’s policy by paying non-employees to download the app in order to gather data on usage habits.
Soon after the TechCrunch story broke, Facebook announced it was ending the research program on iOS (the app is still available on Android). But Apple still banned the Facebook Research app and revoked Facebook’s developer certificates for misusing the Developer Enterprise Program.
“We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization,” Apple said in a statement distributed to media outlets this morning. “Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple. Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.”
Revoking Facebook’s certificates doesn’t mean any of its apps are removed from the App Store. But as Cheddar reports, kicking the company out of the Enterprise Developer Program breaks any Facebook beta apps that employees are using on iOS as intended.
This is incredible:
None of Facebook’s internal iOS apps/betas (used by thousands of employees) are working right now because Apple just revoked the company’s certificate. They won’t open.
For employees to use Facebook products on iOS they have to go download from the App Store.
— Alex Heath (@alexeheath) January 30, 2019
Cook and Zuck’s War of Words
This isn’t the first time Apple has taken action against Facebook’s data gathering practices, but it comes amidst a war of words between Apple CEO Tim Cook and Facebook CEO Mark Zuckerberg.
The emnity between the two isn’t a secret. Their public barbs began when Cook called for Facebook to be regulated and critized the company’s advertising and data-driven business model during an interview with MSNBC and Recode last spring.
“The truth is, we could make a ton of money if we monetized our customer—if our customer was our product. We’ve elected not to do that,” Cook said at the time. When asked what he would do if he were in Zuckerberg’s shoes, Cook responded: “I wouldn’t be in this situation.”
Zuckerberg hit back, calling Cook’s argument “extremely glib and not at all aligned with the truth.”
“I think it’s important that we don’t all get Stockholm syndrome and let the companies that work hard to charge you more convince you that they actually care more about you. Because that sounds ridiculous to me,” he added in an interview with Vox.
Apple’s disdain for Facebook’s business model escalated in June when it announced a Safari feature that blocked Facebook web trackers. Safari’s market share is far behind Google Chrome on desktop, but it dominates the mobile browsing market. The third-party tracker blocking was Apple’s most aggressive action toward Facebook’s business model until this week’s Facebook Research app ban and developer certificate revocations.
Facebook released a statement disputing some of the facts and wording of TechCrunch’s story, but it did not deny that Facebook knowingly violated Apple’s Developer Enterprise Program to gather market research data.
Breaking thousands of Facebook employees’ internal iOS app builds sends a clear message that Apple is prepared to retaliate against such activity. And while the average tech user might shrug at tech CEO scuffles, New York Times tech reporter Mike Isaac points out that users might ultimately get caught in the crossfire.
this tech cold war between two companies would be hilarious if it weren’t for the fact that the collectively control billions of users’ personal information
— rat king (@MikeIsaac) January 30, 2019