Facebook ‘paid users to gather their personal data’
Facebook paid users including teenagers to gather a range of personal data from their mobile devices, it has been reported.
The social networking giant rewarded users who installed a virtual private network (VPN) app, which enabled it to monitor all of a user’s phone and web activity as a form of market research, the website TechCrunch claimed.
It said the software tracked the apps installed on a device, how and when they were used, and the web browsing history of those who took part.
The report claimed users aged between 13 and 35 were paid up to 20 dollars (£15) a month to install the Facebook Research app on iOS and Android devices.
It claims the app was installed with testing services normally used for software still in development, meaning it was able to bypass Apple’s App Store for installation.
The report suggested it may have been in violation of Apple’s policies around data privacy and usage.
Apple has since confirmed the move does violate its policies and it said Facebook had misused its privileges.
The incident was reported as Facebook faces intense scrutiny over its data-handling practices and approach to user privacy.
In response to the report, Facebook suggested the programme had been misrepresented.
“Key facts about this market research programme are being ignored,” a company spokeswoman said.
“Despite early reports, there was nothing ‘secret’ about this – it was literally called the Facebook Research App.
“It wasn’t ‘spying’ as all of the people who signed up to participate went through a clear on-boarding process asking for their permission and were paid to participate.
“Finally, less than 5% of the people who chose to participate in this market research programme were teens – all of them with signed parental consent forms.”
The social network confirmed it was ending the programme on Apple’s platform but Apple said it had instead revoked Facebook’s certificates linked to the app.
“We designed our Enterprise Developer Programme solely for the internal distribution of apps within an organisation,” Apple said in a statement.
“Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple.
“Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.”
The report drew comparisons with another Facebook-owned app – Onavo Protect – another VPN it claimed enabled users to better manage and protect their data.
The social network acquired Onavo in 2013 but removed it from the App Store last year after Apple updated its rules on data collection.
Facebook denied the research app was built to replace Onavo.
The company also argued its market research practices were not unusual.
“Like many companies, we invite people to participate in research that helps us identify things we can be doing better,” Facebook said.
“Since this research is aimed at helping Facebook understand how people use their mobile devices, we’ve provided extensive information about the type of data we collect and how they can participate.
“We don’t share this information with others and people can stop participating at any time.”