s you’ve probably heard by now, Facebook—in its infinite wisdom—has been running a program that pays your kid (aged 13 to 35) a whopping $20 worth of gift cards each month in exchange for near-unlimited access to the data on their Apple or Android devices. By installing a custom root certificate, Facebook can see what websites they browse, what they say to their friends, and what they write in their emails, to name a few privacy-shattering examples.
I’m describing this in present tense, because this (seemingly) invite-only program still exists on Android. Apple, not so much, especially since Facebook’s new data-mining deal is basically just a rebranded version of its former Onavo VPN-turned-spyware app, which Apple asked Facebook to remove from the App Store last year.
Confused? I don’t blame you. Here’s the short version: Facebook wants to know the personal details of what you do on your device, and it has no problem doing whatever it takes to get that. If you’re concerned that a younger family member is paying for their monthly Fortnite DLC purchases by giving up their secrets to Facebook, let’s go over the basics of Facebook’s Research program:
If Facebook got “caught,” did the company apologize?
Ahahahahahaha no. Why would Facebook apologize if it feels it did nothing wrong? Here’s the statement Gizmodo received from a Facebook spokesperson:
“Key facts about this market research program are being ignored. Despite early reports, there was nothing ‘secret’ about this; it was literally called the Facebook Research App. It wasn’t ‘spying’ as all of the people who signed up to participate went through a clear on-boarding process asking for their permission and were paid to participate. Finally, less than 5 percent of the people who chose to participate in this market research program were teens. All of them with signed parental consent forms.”
As you’ll see, the phrases, “we’re sorry,” “we apologize,” “removing the app,” and “never again” do not appear in this statement. Facebook plans to continue the “Facebook Research” on Android, and it would probably do so on iOS were there any other conceivable workaround it could use.
How long has this been going on?
Since 2016, says the original TechCrunch report.
Can I sign up now?
Really? If you’re even remotely thinking about this, your personal data is worth a lot more than $20 a month. And if you’re fine with turning over nearly everything you do to Facebook, you might as well give your friends your passwords to your accounts and let them go to town, since you don’t seem to care about your privacy that much.
Anyway, it appears the Betabound sign-up link for the program is no longer active, so it’s unclear whether you can still sign up to participate. I suspect Facebook is going to rejigger how program invitations work, given the outcry, but I wouldn’t expect them to stop. You can still download the Apple-banished Onavo app from Google Play, after all.
There’s no word on whether those previously enrolled in the program will still be able to continue, but I don’t see why not. Get some of that sweet referral cash, right?
Why does Apple care so much about this and not Google?
Different platforms; different rules. Apple tends to have stricter privacy policies in place for apps than Google. When Apple told Facebook that it should voluntarily remove Onavo from the App Store last year, Apple also released this statement:
“With the latest update to our guidelines, we made it explicitly clear that apps should not collect information about which other apps are installed on a user’s device for the purposes of analytics or advertising/marketing and must make it clear what user data will be collected and how it will be used.”
At that time, Google had nothing to say about the Onavo app, nor does the app appear to have triggered any kind of response from Google in the time since. As I mentioned, you can download it right now if you want. (You shouldn’t.)
As for Facebook Research, you won’t find an app with that name on the Google Play Store. I’m not in the program, but I presume participants receive a link to sideload an app onto their devices when they sign up to participate. And when you do, the app slaps a new certificate and VPN onto your device, which is how Facebook can get a glimpse into pretty much everything you do.