Facebook pulls Onavo Protect from App Store after Apple finds it violates privacy policy [...

Posted:
in iPhone edited August 2018
Facebook on Wednesday pulled its VPN service Onavo Protect from the iOS App Store after Apple found the app in violation of newly implemented privacy policies.




Citing sources familiar with the matter, The Wall Street Journal reports Apple earlier this month informed Facebook that Onavo Protect was in violation of App Store policies implemented in June.

Specifically, the software ran afoul of data collection restrictions and parts of the iPhone maker's developer agreement covering customer data usage. Referring to the latter, Apple said Onavo Protect used data for purposes not directly related to app functionality or for serving up advertising to users.

Available as a free download, Onavo's app allowed users to create a virtual private network that routes internet browser traffic to Facebook servers for filtering out malicious content. The app is advertised as a consumer protection tool that blocks "potentially harmful websites" and secures personal information when utilizing web browsers like Safari.

Onavo Protect's FAQ webpage notes, "Onavo Protect blocks online threats when browsing the web using your iPhone or iPad. To function properly, you need to successfully install a profile during the first launch of the app, which in turns sets up a VPN on the device."

More importantly for Facebook, Onavo granted free access to its users' internet activity, invaluable information for firms keen on sniffing out consumer sentiment. According to The Journal, data from Onavo was used to bolster Facebook's product and acquisition strategy, and helped inform industry moves including the purchase of WhatsApp and a venture into live video.

Representatives from Apple and Facebook discussed the privacy issue in a series of meetings last week, at least one of which was held at Apple Park, the report said. Upon Apple's suggestion, Facebook agreed to pull Onavo Protect from the App Store.

"We work hard to protect user privacy and data security throughout the Apple ecosystem," Apple said in a statement to TechCrunch. "With the latest update to our guidelines, we made it explicitly clear that apps should not collect information about which other apps are installed on a user's device for the purposes of analytics or advertising/marketing and must make it clear what user data will be collected and how it will be used."

The takedown does not affect users who already downloaded the app, which will continue to function normally. Due to the takedown, however, Facebook will be unable to push out updates for the title on iOS.

Onavo Protect remains available for Android via the Google Play Store.

Updated with statement from Apple.

Comments

  • Reply 1 of 13
    claire1claire1 Posts: 510unconfirmed, member
    Time to remove all the Goog apps for the same violation.
    magman1979lolliverlongpathlostkiwiolswatto_cobra
  • Reply 2 of 13
    MplsPMplsP Posts: 3,911member
    I’m not sure which is more laughable - the fact that facebook would claim to help you “secure personal information,” or the fact that there are people that would trust them to do it. Facebook has as much interest in protecting your personal information as a Russian hacker has in protecting your passwords. 
    peterhartmagman1979mejsriclolliverStrangeDaysclaire1pvonklostkiwiolsCarnage
  • Reply 3 of 13
    davgregdavgreg Posts: 1,036member
    Facebook is data mining users? I’m shocked! shocked!
    claire1longpathlostkiwiolsCarnagewatto_cobra
  • Reply 4 of 13
    flydogflydog Posts: 1,123member
    MplsP said:
    I’m not sure which is more laughable - the fact that facebook would claim to help you “secure personal information,” or the fact that there are people that would trust them to do it. Facebook has as much interest in protecting your personal information as a Russian hacker has in protecting your passwords. 
    I think the problem is lack of transparency in what was being collected and how. Most people probably assume the collection of data is limited to email address and other things they affirmatively provide, and not browsing habits, location, etc. 
    StrangeDayslostkiwiols
  • Reply 5 of 13
    claire1claire1 Posts: 510unconfirmed, member
    flydog said:
    MplsP said:
    I’m not sure which is more laughable - the fact that facebook would claim to help you “secure personal information,” or the fact that there are people that would trust them to do it. Facebook has as much interest in protecting your personal information as a Russian hacker has in protecting your passwords. 
    I think the problem is lack of transparency in what was being collected and how. Most people probably assume the collection of data is limited to email address and other things they affirmatively provide, and not browsing habits, location, etc. 
    Yeah try explaining that to the iKnockoff fans.
    lostkiwiolswatto_cobra
  • Reply 6 of 13
    slurpyslurpy Posts: 5,382member
    Facebook owns Onavo Protect?! When the fuck did this happen?
    olswatto_cobra
  • Reply 7 of 13
    MplsPMplsP Posts: 3,911member
    flydog said:
    MplsP said:
    I’m not sure which is more laughable - the fact that facebook would claim to help you “secure personal information,” or the fact that there are people that would trust them to do it. Facebook has as much interest in protecting your personal information as a Russian hacker has in protecting your passwords. 
    I think the problem is lack of transparency in what was being collected and how. Most people probably assume the collection of data is limited to email address and other things they affirmatively provide, and not browsing habits, location, etc. 
    The problem is, by definition, anyone who is using VPN software is by definition concerned about security and using it to prevent snooping and tracking of activity. The fact that this software created a VPN specifically to allow Facebook to snoop on your activity is beyond 'lack of transparency,' it's outright deceit and would qualify as malware in many respects. 
    lostkiwiolswatto_cobra
  • Reply 8 of 13
    lolliverlolliver Posts: 493member
    slurpy said:
    Facebook owns Onavo Protect?! When the fuck did this happen?

    October 2013, although the App listing wasn't very clear that it was owned by facebook. 

    https://en.wikipedia.org/wiki/Onavo
    edited August 2018 lostkiwiolswatto_cobra
  • Reply 9 of 13
    chasmchasm Posts: 3,275member
    Facebook-approved spyware gets shot down by Apple? THE DEUCE YOU SAY.

    I’m surprised Google is still allowing it. When it comes to spyware, they hate competition.
    edited August 2018 MplsPwatto_cobra
  • Reply 10 of 13
    Rayz2016Rayz2016 Posts: 6,957member
    chasm said:
    Facebook-approved spyware gets shot down by Apple? THE DEUCE YOU SAY.

    I’m surprised Google is still allowing it. When it comes to spyware, they hate competition.
    Well, if Google took it down then it would look a little hypocritical, which would draw more attention to them, which they don’t need right now. 
    dewmechasmwatto_cobra
  • Reply 11 of 13
    DAalsethDAalseth Posts: 2,783member
    flydog said:
    MplsP said:
    I’m not sure which is more laughable - the fact that facebook would claim to help you “secure personal information,” or the fact that there are people that would trust them to do it. Facebook has as much interest in protecting your personal information as a Russian hacker has in protecting your passwords. 
    I think the problem is lack of transparency in what was being collected and how. Most people probably assume the collection of data is limited to email address and other things they affirmatively provide, and not browsing habits, location, etc. 
    Except it's FACEBOOK. The people who would data-mine your soul and sell it to the highest bidder if they could. Of course they would use it to mine any data they possibly could. The idea of a FaceBook VPN is as absurd as a paper mache submarine. 
    edited August 2018 watto_cobra
  • Reply 12 of 13
    gatorguygatorguy Posts: 24,178member
    Surprised it was rated so high, and especially as they were saying right up front what they were doing in the app description. 
    "... As part of this process, Onavo collects your mobile data traffic. This helps us improve and operate the Onavo service by analyzing your use of websites, apps and data. Because we're part of Facebook, we also use this info to improve Facebook products and services, gain insights into the products and services people value, and build better experiences."

    Still Apple approved it.

    Reviewer "SprayPaintedGold" nailed it back in April:
    "Facebook is quite afraid of losing dominance in the publishing, data mining, and advertising business. They bought Onavo for one purpose: to identify popular app and web trends early to give Facebook a chance to buy popular companies or steal their popular features. As a user of this app, ALL of your web and app traffic will be analyzed by Facebook for this purpose. 

    Is the trade off worth it to use a free VPN? The only ‘protection’ this app offers is to obscure your unencrypted internet traffic from your ISP and other users on shared WiFi. Very few websites transmit logins, tokens, or keys unencrypted these days and the next WiFi standard will prevent users of the same access point from seeing each other’s traffic. iOS already offers fraudulent website warnings which makes the last feature of this app an unnecessary duplication. 

    Apple should change their developer agreement to ban the sort of data collection this app pursues."
    edited August 2018
  • Reply 13 of 13
    I used Onavo on occasion several years ago. Deleted the app the second I found out Facebook bought it. Not everyone follows tech news though and some might have kept using it because it was familiar.
    watto_cobra
Sign In or Register to comment.