Facebook Collected Device Data On 187,000 Users Using Banned Snooping

Facebook obtained personal and sensitive device data on about 187,000 users of its now-defunct Research app, which Apple banned earlier this year after the app violated its rules. TechCrunch reports: The social media giant said in a letter to Sen. Richard Blumenthal's office -- which TechCrunch obtained -- that it collected data on 31,000 users in the U.S., including 4,300 teenagers. The rest of the collected data came from users in India. "We know that the provisioning profile for the Facebook Research app was created on April 19, 2017, but this does not necessarily correlate to the date that Facebook distributed the provisioning profile to end users," said Timothy Powderly, Apple's director of federal affairs, in his letter. Facebook said the app dated back to 2016.

These "research" apps relied on willing participants to download the app from outside the app store and use the Apple-issued developer certificates to install the apps. Then, the apps would install a root network certificate, allowing the app to collect all the data out of the device -- like web browsing histories, encrypted messages and mobile app activity -- potentially also including data from their friends -- for competitive analysis. In Facebook's case, the research app -- dubbed Project Atlas -- was a repackaged version of its Onavo VPN app, which Facebook was forced to remove from Apple's App Store last year for gathering too much device data. Just this week, Facebook relaunched its research app as Study, only available on Google Play and for users who have been approved through Facebook's research partner, Applause. Facebook said it would be more transparent about how it collects user data.

Re:

[sdinfoserv]

The data you type into facebook is NO LONGER in your house. Thus legally, there can be no expectation of privacy.

Re: 4th amendment

[Zero__Kelvin]

The data you keep in your car parked at a private club is no longer in your house. Is it protected? How about the data in your pocket that you hand in the clubs closet, or on those hooks in plain view in public restaraunts? Those are not in your house. Are they still private? I guess you didn't think your position out very much, now, did you?

Re:

[sdinfoserv]

You can say, "What about" till the end of time, but legally, "your home is your castle" ends at the door.. The standard is -When you put out the garbage, that is legally searchable without a warrant because it's no longer "in your home". The Government, mainly law enforcement have used that argument for decades that anything outside of your home is fair game and needs no warrant. A locked car can be search with probable cause... "probable cause" is a cops opinion. If you do not consent to a search, an

Re:

[Aighearach]

That's not true. If you leave your garbage out on the curb, you don't have a privacy interest because you already surrendered it.

If you lock your garbage up, you still control it and do have a privacy interest.

Re:

[Zero__Kelvin]

You clearly have no experience in any of this. The legally, "your home is your castle" ends at the door statement gives your cluelessness away, and no, probable cause is absolutely not a cops opinion. If it was then the 4th amendment would say "except if in a cops opinion these rights should be discarded." While it is true that a judge MIGHT grant the warrant, said warrant will be considered improper and all evidence obtained will be thrown out if was granted based on the cops opinion. From there any addit

Re:

[Travelsonic]

I'm not sure if that's how it works - after all, your banking details aren't in your house, yet they must be protected - and people can't just enter your car just because it is out on a public street (barring obvious legal exceptions).

Re:

[Bravadon't]

there can't be any expectations of privacy in the internet. Companies, government, social networks, everyone's trying to collect your data. Some countries are trying to make VPN providers block banned sites, like in Russia for example. Fortunately, there are pretty enough of them. https://vpn-review.com/ [vpn-review.com] these popular ones, there's going to be even more.

Re: The advertising industry learned 2 things

[Zero__Kelvin]

I can't tell if you are more upset because you don't have one of those eggs or a vagina. I'm guessing both.

Re: The advertising industry learned 2 things

[Zero__Kelvin]

Yeah man ... Only an idiot would protect someone with Downs Syndrome for example. Let 'em run in front of a bus I say ... You fucking idiot.

It's a good sign

[iMadeGhostzilla]

They wouldn't be doing all that if things were going in the right direction for them with the regular crap they are peddling, would they. The slow fall into disrepair is near.

Re:

[Dru Nemeton]

You may be mistaking "Drunk on Power" with "Disrepair". The more data that FB can collect the richer it becomes, and the more powerful it becomes.

They've shown zero willingness to curtail their evil ways, and only show remorse (if you want to call it that) when/if they get caught.

Sheeple

[sdinfoserv]

Hey, Sheeple... this ends tomorrow if you all just stop using facebook and delete your accounts. Get out in meatspace and walk, smell the flowers, call you mother like on the phone, ride a bike, make a snowman, you know .. live.

Re: Sheeple

[Zero__Kelvin]

.... which is just a long winded way of saying it isn't ending tomorrow or anytime soon.

Re:

[sdinfoserv]

It's a bag of bricks. Just put it down.

Unwitting snitches

[mrwireless]

The reason why Facebook's practice is so nefarious has to do with the core distinction between types of data. Broad speaking there is the data that you provide willingly and knowingly (like when you provide data in a form), and the data that was 'gleamed' from you. This can be observed behavioural data (e.g. mouse movements on a web page), or data that was inferred an derived from the other data. Basically, there is an important distinction between "your data" and "data about you".

What Facebook is doing here is all about the second type, the derived data. By having such detailed data about a subset of society, Facebook can train it's algorithms to better analyze people who are less transparent.

For example, its algorithms can look at the highly transparent people and find that people with bowel cancer tend to like Facebook pages (and visit websites) about gardening and Shakira slightly more than healthy people. It can then look at all people who exhibit the same pattern and say "they may have an elevated risk of having bowel cancer". The databroker world, which Facebook is a big part of, it all about selling profiles full of these algorithmically derived risk scores.

This is the difference between "data science" and actual science. Actual science cares about finding causation. Data science is happy enough to sell any correlation its algorithms spot.

Put simply: the few people who are highly transparant act like 'snitches' on the rest of us. They allow dubious algorithms to be trained which are then set loose on the rest of us.

Re:

[drinkypoo]

Facebook itself is the non-unwitting snitch.

There are two kinds of data, but not the kind which is gleaned and the kind which is given, but the kind I want out there, and the kind I don't. Any other distinction is meaningless to me.

Re:

[Aighearach]

But isn't it totally obvious that there would be a connection between gleaming data and Shakira?

The more we learn about Facebook...

[QuietLagoon]

... the more evil Facebook looks.

The malicious intent was already obvious...

[slash2019]

The malicious intent was already obvious when FB started separating their messaging functionality from the main app. It was meant to harvest phone information not related to FB (phone contacts, SMS content, etc.). I initially switched to Lite app to avoid that, but FB is so determined to get the users' non-FB info, so they phased out the built-in messaging from that app also. Since then I quit using FB app on any device. I only use it inside a browser. If not for the need to get in touch with relatives and

Re: The malicious intent was already obvious...

[mimi22]

with probable cause... "probable cause" is a cops opinion. If you do not consent to a search, and they want to be dicks, cops can impound your vehicle till they get a warrant, which will be granted, then it will be searched. Meanwhile you're out a vehicle even if nothing is found. game lost. https://bluestacks.vip/ [bluestacks.vip] https://luckypatcher.pro/ [luckypatcher.pro] https://kodi.software/ [kodi.software]