Security & Privacy Technology

Facebook’s snooping app deals another blow to their reputation for trust

In yet another blow to Facebook’s trust profile, at least for the tiny few who understand what’s going on, Facebook’s Onavo “Protect” app has been pulled from Apple’s App store and is no longer available for download to iOS devices. Reports vary on whether Apple kicked them off or Facebook voluntarily withdrew it. But what is not disputed is that the app violated Apple’s new, tougher stance on data collection (snooping) by apps on their devices.

The Onavo app became a Facebook property in 2013 when they bought the Israeli company for some $200million. It acts as a VPN – Virtual Private Network which means that once installed, all of your internet traffic goes first to their servers and then out to the internet. The benefit of this for customers is that Onavo can filter out bad and scam websites and can help keep you secure by ensuring that all your traffic is encrypted and to some extent, protected.

Remember who the customer is here, it’s not you.

Sounds great – but the issue is that Facebook couldn’t help itself but poke around within the internet streams and extract data for their own benefits – remember with Facebook you are the product and the advertiser is the customer. So they’ve been found to be extracting information as to which apps everyone has been using, how much and how often and then using that for their own commercial purposes. This data is valuable, for example, it has allowed them to see how the Facebook-owned Instagram service is competing with Snapchat for user’s attention and how service changes and improvements are going down with users.  Ultimately, this is in violation of Apple’s new stricter app store rules which don’t allow apps to snoop on other apps for marketing or other purposes.

VPN’s, of which there are hundreds, can be a great way to improve your online security and I use one myself. But only as long as you trust the company providing the service. Because once installed and activated, all of your internet traffic – every keystroke, every message, every web page viewed goes through them so they have the ability, should they choose to use it, to snoop and track on every single site you visit. I use one called Express VPN which is based in Bermuda and claims to hold no logs, no records at all and I just hope that they’re not lying.

Android users remain exposed (as usual)

Onavo has already been downloaded more than 33 million times across iOS and Android so there are likely tens of millions of people still using it plus it continues to be available for download on the Google Play store for Android. The Android app store is relatively unpoliced and left as the Wild-West compared to Apple’s more protected and policed store where apps are tested from security, privacy and performance angles before being allowed on.

Most of us have barely any idea of how much data is being collected on us and what conclusions are being drawn about us and marketed to online advertisers by the seemingly innocent tools we use daily. And it’s made harder when someone gets themselves technically educated enough (or possibly duped) into installing something like a VPN that should protect them, only to find that actually it reveals more and more about behaviour that they thought was private to a corporation like Facebook.

I was chatting with a friend that works for Facebook recently and he pointed out that they don’t need to pay any attention to your “in a relationship with” setting – they know exactly who you’re in a relationship with whether you declare it or not. Once you have the Facebook app installed on your phone, they’re tracking your location 24/7. So they know exactly who you’re sleeping with and where you’re waking up whether you choose to state it yourself or not. Surprising? Scary? Desirable? That’s how when your partner mentions something an ad appears for it on your phone – because Facebook tracked them searching for it earlier and they know that you’re both connected.

It’s another marker of what has been described as an online privacy divide.

The divide is happening on two axis – education and wealth. In order to have any degree of online privacy or even a hope of it, you need to be unreasonably well-educated on how the technology works and who is doing what. But you also need to be wealthy. Apple’s iPhones are more expensive than Andriod phones and they rarely get subsidised to low or zero costs like cheaper Android phones do. On average, iPhone users are 72% more likely to have a household income of above £70,000 compared to Android users.

With Apple, the hardware is the product and they want to keep selling you phones, iPads and laptops, plus increasingly services like music and TV. They can afford to lock down privacy because they don’t have any meaningful advertising business. But with Google, Facebook, Android and the companies behind the tech that less well-off people are using more – you and your data are the product and they’re going to extract every piece of you that they can to sell it to someone else. Like at work, technology is making the divide between the richer and poorer in society get bigger again.

Wealthier people have a chance of privacy, poor people have none.

I’m not a Facebook hater and I own shares in Facebook myself – it’s an amazing and dominant advertising business that I think is going to thrive and make a lot of money. But I’m increasingly unwilling to be part of their products personally and have been using the platform a lot less and with a lot more caution.

I realise this makes me look and sound like a hypocrite but I never claimed to be an ethical investor, or an ethical consumer either. I just think businesses perform better when we treat people as humans and let them bring their whole selves to work and I worry about increasing inequity in the future of work. So while I’m not claiming to be always ethical in my own personal choices, I am going to be more honest about them so we can have the discussion and debate in the open.


Glenn Elliott is a technology entrepreneur, investor and advisor, MBA drop-out and recovering CEO with 20 years of experience. His bestselling book Build it: The Rebel Playbook for Employee Engagement is published by Wiley. He writes about people, culture, leadership, technology and the future of work weekly at 

If you liked this article you can make his day by sharing it on LinkedIn, Twitter or joining his VIP list by subscribing to this blog.

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.