The “Research App” gave the social media empire access to private messages and web search history
Facebook is pulling down a controversial app that paid users $20 per month to collect a wide range of data, including web search history and social media messages, the company said on Wednesday.
The social network told The Verge that it’s removing the “Facebook Research App” from Apple’s App Store, one day after TechCrunch reported that the company was using it to mine an extensive amount of information from its users. Facebook did not immediately respond to TheWrap’s request for comment on whether the app would remain available on Android.
Along with web searches and private messages, the app also allowed Facebook to view location history, emails, browsing activity, plus pictures and videos sent from a user’s phone, security specialist Will Strafach told TechCrunch. Facebook paid users between the ages of 13 and 35 to download the virtual private network app — with users 17 and younger requiring parental consent to continue. It’s unclear how many people were being paid to use the app.
Facebook, in a statement to The Verge, said less than 5 percent of the app’s users were teenagers.
“Key facts about this market research program are being ignored,” Facebook told The Verge. “Despite early reports, there was nothing ‘secret’ about this; it was literally called the Facebook Research App. It wasn’t ‘spying’ as all of the people who signed up to participate went through a clear on-boarding process asking for their permission and were paid to participate.”
Compounding matters, Facebook potentially violated the App Store’s rules by asking users to install a custom root certificate on their phones, allowing the company to track and analyze user data. Typically, Apple only allows this sort of access for internal company apps used by employees. Apple did not immediately respond to TheWrap’s request for comment on if the Research App violated its policies and if it had asked Facebook to take down the app.
“The fairly technical sounding ‘install our Root Certificate’ step is appalling,” Strafach told TechCrunch. “This hands Facebook continuous access to the most sensitive data about you, and most users are going to be unable to reasonably consent to this regardless of any agreement they sign, because there is no good way to articulate just how much power is handed to Facebook when you do this.”
This wouldn’t be the first time Apple and Facebook have butted heads over an app; Apple yanked Onavo, a clandestine Facebook app that shared data on a user’s app usage, last August.
Facebook’s stock was unscathed by TechCrunch’s report, with shares trading up about 2 percent to $147 per share early on Wednesday. The company is set to report its fourth quarter earnings later in the day.