Security Experts:

Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Mobile & Wireless

Facebook Pulls Security App From Apple Store Over Privacy

Facebook has pulled one of its own products from Apple’s app store because it didn’t want to stop tracking what people were doing on their iPhones. Facebook also banned a quiz app from its social network for possible privacy intrusions on about 4 million users.

Facebook has pulled one of its own products from Apple’s app store because it didn’t want to stop tracking what people were doing on their iPhones. Facebook also banned a quiz app from its social network for possible privacy intrusions on about 4 million users.

The twin developments come as Facebook is under intense scrutiny over privacy following the Cambridge Analytica scandal earlier this year. Allegations that the political consultancy used personal information harvested from 87 million Facebook accounts have dented Facebook’s reputation.

Since the scandal broke, Facebook has investigated thousands of apps and suspended more than 400 of them over data-sharing concerns.

The social media company said late Wednesday that it took action against the myPersonality quiz app, saying that its creators refused an inspection. But even as Facebook did that, it found its own Onavo Protect security app at odds with Apple’s tighter rules for applications.

Onavo Protect is a virtual-private network service aimed at helping users secure their personal information over public Wi-Fi networks. The app also alerts users when other apps use too much data.

Since acquiring Onavo in 2013, Facebook has used it to track what apps people were using on phones. This surveillance helped Facebook detect trendy services, tipping off the company to startups it might want to buy and areas it might want to work on for upcoming features.

Facebook said in a statement that it has “always been clear when people download Onavo about the information that is collected and how it is used.”

But Onavo fell out of compliance with Apple’s app-store guidelines after they were tightened two months ago to protect the reservoir of personal information that people keep on their iPhones and iPads.

Apple’s revised guidelines require apps to get users’ express consent before recording and logging their activity on a device. According to Apple, the new rules also “made it explicitly clear that apps should not collect information about which other apps are installed on a user’s device for the purposes of analytics or advertising/marketing.”

Facebook will still be able to deploy Onavo on devices powered by Google’s Android software.

Onavo’s ouster from Apple’s app store widens the rift between two of the world’s most popular companies.

Apple CEO Tim Cook has been outspoken in his belief that Facebook does a shoddy job of protecting its 2.2 billion users’ privacy — something that he has framed as “a fundamental human right.”

Cook sharpened his criticism following the Cambridge Analytica scandal. He emphasized that Apple would never be caught in the same situation as Facebook because it doesn’t collect information about its customers to sell advertising. Facebook CEO Mark Zuckerberg fired back in a separate interview and called Cook’s remarks “extremely glib.” Zuckerberg implied that Apple caters primarily to rich people with a line of products that includes the $1,000 iPhone X.

Late Wednesday, Facebook said it moved to ban the myPersonality app after it found user information was shared with researchers and companies “with only limited protections in place.” The company said it would notify the app’s users that their data may have been misused.

It said myPersonality was “mainly active” prior to 2012. Though Facebook has tightened its rules since then, it is only now reviewing those older apps following the Cambridge Analytica scandal.

The app was created in 2007 by researcher David Stillwell and allowed users to take a personality questionnaire and get feedback on the results.

“There was no misuse of personal data,” Stillwell said in a statement, adding that “this ban appears to be purely cosmetic.” Stillwell said users gave their consent and the app’s data was fully anonymized before it was used for academic research. He also rejected Facebook’s assertion that he refused to submit to an audit.

Written By

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Expert Insights

Related Content

Mobile & Wireless

Apple rolled out iOS 16.3 and macOS Ventura 13.2 to cover serious security vulnerabilities.

Mobile & Wireless

Technical details published for an Arm Mali GPU flaw leading to arbitrary kernel code execution and root on Pixel 6.

Mobile & Wireless

Apple’s iOS 12.5.7 update patches CVE-2022-42856, an actively exploited vulnerability, in old iPhones and iPads.

Mobile & Wireless

Two vulnerabilities in Samsung’s Galaxy Store that could be exploited to install applications or execute JavaScript code by launching a web page.

Mobile & Wireless

South Dakota Gov. Kristi Noem says her personal cell phone was hacked and linked it to the release of documents by the January 6...

Mobile & Wireless

Infonetics Research has shared excerpts from its Mobile Device Security Client Software market size and forecasts report, which tracks enterprise and consumer security client...

Cybercrime

A digital ad fraud scheme dubbed "VastFlux" spoofed over 1,700 apps and peaked at 12 billion ad requests per day before being shut down.

Cybersecurity Funding

Los Gatos, Calif-based data protection and privacy firm Titaniam has raised $6 million seed funding from Refinery Ventures, with participation from Fusion Fund, Shasta...