Apple Busts Facebook for Distributing Data-Sucking App - NBC Connecticut
National & International News
The day’s top national and international news

Apple Busts Facebook for Distributing Data-Sucking App

"Facebook was scooping up all incoming and outgoing data traffic from unwitting members of the public"

    processing...

    NEWSLETTERS

    Facebook Ends Program That Monitored Users’ Activity Via App

    Facebook will pull a controversial market research program from Apple’s operating system after a report revealed that it likely ran afoul of Apple's data collection policies, Facebook sources told NBC News early Wednesday. Bob Redell reports.

    (Published Wednesday, Jan. 30, 2019)

    Apple says Facebook can no longer distribute an app that paid users, including teenagers, to extensively track their phone and web use.

    In doing so, Apple closed off Facebook's efforts to sidestep Apple's app store and its tighter rules on privacy.

    The tech blog TechCrunch reported late Tuesday that Facebook paid people about $20 a month to install and use the Facebook Research app. While Facebook says this was done with permission, the company has a history of defining "permission" loosely and obscuring what data it collects.

    "I don't think they make it very clear to users precisely what level of access they were granting when they gave permission," mobile app security researcher Will Strafach said Wednesday. "There is simply no way the users understood this."

    Death Toll, Damages Climb From Typhoon Hagibis

    [NATL] Death Toll, Damages Climb From Typhoon Hagibis

    The death toll from Typhoon Hagibis climbed to 53 on Tuesday, days after it tore through Japan and left hundreds of thousands of homes wrecked, flooded or out of power. Hagibis caused more than 200 rivers to overflow when it hit the island nation on Saturday.

    (Published Tuesday, Oct. 15, 2019)

    He said Facebook's claim that users understood the scope of data collection was "muddying the waters."

    Facebook says fewer than 5 percent of the app's users were teens and they had parental permission. Nonetheless, the revelation is yet another blemish on Facebook's track record on privacy and could invite further regulatory scrutiny.

    And it comes less than a week after court documents revealed that Facebook allowed children to rack up huge bills on digital games and that it had rejected recommendations for addressing it for fear of hurting revenue growth.

    For now, the app appears to be available for Android phones, though not through Google's main app store. Google had no comment Wednesday.

    Apple said Facebook was distributing Facebook Research through an internal-distribution mechanism meant for company employees, not outsiders. Apple has revoked that capability.

    TechCrunch reported separately Wednesday that Google was using the same privileged access to Apple's mobile operating system for a market-research app, Screenwise Meter. Asked about it by The Associated Press, Google said it had disabled the app on Apple devices and apologized for its "mistake."

    Quadruple Murder Suspect Brings Body to Police Station

    [NATL] Quadruple Murder Suspect Brings Body to Police Station

    A Roseville, California, man is in custody after he turned himself in to police in connection to a quadruple homicide.  The body of one of his victims was in the car he drove to the police station in Mount Shasta, more than 200 miles away from the original Roseville crime scene.

    (Published Tuesday, Oct. 15, 2019)

    The company said Google had always been "upfront with users" about how it used data collected by the app, which offered users points that could be accrued for gift cards. In contrast to the Facebook Research app, Google said its Screenwise Meter app never asked users to let the company circumvent network encryption, meaning it is far less intrusive.

    Facebook is still permitted to distribute apps through Apple's app store, though such apps are reviewed by Apple ahead of time. And Apple's move Wednesday restricts Facebook's ability to test those apps — including core apps such as Facebook and Instagram — before they are released through the app store.

    Facebook previously pulled an app called Onavo Protect from Apple's app store because of its stricter requirements. But Strafach, who dismantled the Facebook Research app on TechCrunch's behalf, told the AP that it was mostly Onavo repackaged and rebranded, as the two apps shared about 98 percent of their code.

    As of Wednesday, a disclosure form on Betabound, one of the services that distributed Facebook Research, informed prospective users that by installing Facebook Research, they are letting Facebook collect a range of data. This includes information on apps users have installed, when they use them and what they do on them. Information is also collected on how other people interact with users and their content within those apps, according to the disclosure.

    Betabound warned that Facebook may collect information even when an app or web browser uses encryption.

    Strafach said emails, social media activities, private messages and just about anything else could be intercepted. He said the only data absolutely safe from snooping are from services, such as Signal and Apple's iMessages, that fully encrypt messages prior to transmission, a method known as end-to-end encryption.

    Taco Bell Recalls 2.3 Million Pounds of Ground Beef

    [NATL] Taco Bell Recalls 2.3 Million Pounds of Ground Beef

    Taco Bell has voluntarily recalled 2.3 million pounds of seasoned ground beef that originated at Kenosha Beef International in Columbus, Ohio, because of possible contamination with metal shavings. The USDA says there have been no confirmed reports of any adverse reaction.

    (Published Tuesday, Oct. 15, 2019)

    Strafach, who is CEO of Guardian Mobile Firewall, said he was aghast to discover Facebook caught red-handed violating Apple's trust.

    He said such traffic-capturing tools are only supposed to be for trusted partners to use internally. Instead, he said Facebook was scooping up all incoming and outgoing data traffic from unwitting members of the public — in an app geared toward teenagers.

    "This is very flagrantly not allowed," Strafach said. "It's mind-blowing how defiant Facebook was acting."

    Associated Press Writers Frank Bajak in Lima, Peru, and Kelvin Chan in London contributed to this story.