How I Quit Facebook But Not Google After Apple Revokes their Certificates

Once again, Google and Facebook give a strong indication of their desperation to collect users’ data.

The two largest data collecting companies are aggressively targeting teens by bribing them to download a VPN for their so-called research program: “Research Facebook” and “Screenwise Meter.”

But what’s their end goal?

To gulp all the data from users devices. Be it personal photos, app usage activity or browsing history, you name it. These suspicious apps will record it…

However, this is not the first time that these two online giants devised a dark plan to destroy users privacy.

Similar to these two research programs, Facebook was operating another data collecting project called Onavo Protect.

Thankfully in August 2018, Apple decided to remove Facebook’s data collecting app “Onavo Protect” from its App Store.

And you can expect nothing less from Google.

Both online giants avoid the official App Store and offer incentives to users to download their apps.

This explains the scenario that there is no way to stop these online giants from collecting your data.

However, there is a way to sort, which type of data you should share and/or  avoid. That is why it is important that you read this guide and do not get sucked into the trap set by Facebook and Google.

In this article, I will help you to understand why I am ready to quit Facebook but not Google.

So, let’s get started!

How Facebook Bribes Users to Install a VPN that Monitors their Online Activities

A few days ago, TechCrunch reported that Facebook was running a research project to collect data usage patterns of users.

The social media giant was secretly paying iOS users of ages 13 to 35 up to $20 a month to sell their data via the app.

Furthermore, Facebook also offers a referral commission if a user successfully enrolled their friends and family in their research program.

Not only that, Facebook just showed its real face by asking participants to screenshot their Amazon history page.

The project manages through beta testing services uTest, BetaBound, and Applause. And this research program refers to papers as “Project Atlas.”

Potential of Facebook Research App to Collect Users Data

According to The Guardian mobile expert, Will Strafach:

“If Facebook makes full use of the level of access they are given by asking users to install the Certificate.

They will have the ability to continuously collect the following types of data: private messages in social media apps, chats from in instant messaging apps.

Including photos/videos sent to others, emails, web searches, web browsing activity, and even ongoing location information by tapping into the feeds of any location-tracking apps you may have installed.”

It is still vague regarding what kind of data Facebook is looking for. However, it gets infinite access to users’ device once they install their VPN app.

Meanwhile, the plan shows Facebook desperate attempt to maintain its dominance by paying users. And without bothering the risk of violating Apple’s iOS policy.

Strafach further explains the situation regarding what Facebook is trying to do by paying users:

“The fairly technical sounding ‘install our Root Certificate’ step is appalling. These hands Facebook continuous access to the most sensitive data about you.

And most users are going to be unable to reasonably consent to this regardless of any agreement they sign.

Because there is no good way to articulate just how much power is handed to Facebook when you do this.”

Apple’s CEO “Tim Cook” on the other side, is never happy with it and criticize Facebook’s data collection practices.

Facebook’s Data Collecting App “Project Atlas”

According to TechCrunch, Apple earlier banned Facebook’s data collecting “Onavo Protect” app. However, Facebook still finds a way to collect users’ data by paying them to install a VPN from outside the App Store.

Further investigation by TechCrunch revealed that Facebook runs its research program under three beta testing apps: BetaBound, uTest, and Applause.

Facebook started the distribution of VPN in 2016, and after mid-2018, the research program name changed to “Project Atlas.”

But Facebook did not want to stop collecting users’ data. So even after getting a strict action by Apple, Facebook continued its research program.

After realizing what Facebook was doing, Apple cancels Facebook’s developer certificates for misusing the Developer Enterprise Program:

“We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization,” Apple said in a statement distributed to media outlets this morning.

“Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple.

 Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.”

Canceling Facebook certificates on the iOS platform does not mean any of its apps is kicked out from the App Store.

However, according to Cheddar reports, by revoking Facebook from the Enterprise Developer Program will blow out beta testing apps that are collect users data.

This is incredible:
None of Facebook’s internal iOS apps/betas (used by thousands of employees) are working right now because Apple just revoked the company’s certificate. They won’t open.

For employees to use Facebook products on iOS they have to go download from the App Store.

— Alex Heath (@alexeheath) January 30, 2019

How Facebook’s “Project Atlas” Works?

Facebook runs its research program on Instagram and Snapchat through uTest with the help of online ads. This uTest app targets youth from 13-17 years old for the paid research program.

To add, the signup page which is not working now does not give any sign that it is a part of the Facebook Research program. However, it targets users from age 13 to 35 years old.

Furthermore, parental permission is there if the user falls under the bracket of 13-17 age. And permission agreement reveals Facebook’s involvement that says:

 “There are no known risks associated with the project. However, you acknowledge that the inherent nature of the project involves the tracking of personal information via your child’s use of apps. You will be compensated by Applause for your child’s participation.” 

This is something enticing for kids who are short on cash and want to make quick $20 by selling their privacy. Additionally, when it was working, it explains what kind of data they collected for the Facebook research program:

“By installing the software, you’re giving our client permission to collect data from your phone that will help them understand how you browse the internet.

 And how you use the features in the apps you’ve installed. This means you are letting our client collect information such as which apps are on your phone.

How and when you use them, data about your activities and content within those apps, as well as how other people interact with you or your content within those apps.

You are also letting our client collect information about your internet browsing activity (including the websites you visit and data that is exchanged between your device and those websites).

And your use of other online services. There are some instances when our client will collect this information even where the app uses encryption, or from within secure browser sessions.”

BetaBound

BetaBound, on the other hand, shows “Atlas” in its URL and explains to get $20 every month you will require installing an app that runs in the background.

The BetaBound website also does not show the Facebook name. However, the steps for installing the VPN reveal the involvement of the social giant.

Moreover, it looks like since Apple blocks Onavo Protect app from App Store, social giant purposely skips TestFlight.

TestFlight is Apple’s official beta testing program that requires the app to be reviewed by Apple first under the supervision of 10,000 developers only.

In Short…

Instead of the App Store, users can only download the app from “r.facebook-program.com.” Also, users need to install a specific Enterprise Developer Certificate and VPN by switching to Trust Facebook.

This gives Facebook root access in the users’ device to transmit data.

Apple released the Enterprise Developer Certificate to use it only for managing internal apps for Facebook employees.

It means the social media giant hurts the trust of Apple by using this service to collect users’ data by bribing them.

Once the application is installed, the only thing Facebook wants is to keep running is the VPN that gives root access to data.

Not only have that, but one of the beta testing app Applause also asked users to send their Amazon orders page.

Maybe this kind of data helps Facebook in analyzing users browsing behavior and usage of other apps. This will help it to enhance its target marketing algorithm.

Further, TechCrunch commissioned Strafach to analyze the Facebook Research app and find out where it was sending data.

He confirmed that data redirects towards “vpn-sjc1.v.facebook-program.com” that is associated with Onavo’s IP address.

And the facebook-program.com domain is registered with Facebook, according to MarkMonitor.

The app can update itself without interacting with the App Store and links to the email address:  PeopleJourney@fb.com.

He also discovered that the Enterprise Certificate indicates Facebook renewed it on June 27th,

Apple’s Response: Bans Facebook Research App

How Apple reacts towards the situation deserves all praises. Apple bans Facebook Research app before social giant voluntarily closes it.

Apple officials told TechCrunch that it canceled Facebook’s Enterprise Certificate that gives access to offer Research App without using the App Store.

And not only this, but all of the apps that were used by Facebook employees shut down by Apple against the violation of privacy policy.

Further, after Apple released a statement about revoking Facebook’s Research Program from iOS:

“We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization.

Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple.

Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.”

How is Google Spying on Users By Offering Gift Card Incentives

It seems like Facebook was not the only one violating Apple’s policies of distributing the internal app. Similar to social giant’s “Project Atlas,” Google is also running “Screenwise Meter” app.

However, Apple also banished Google’s “Screenwise Meter” app, after what TechCrunch revealed earlier.

The procedure of the Screenwise app invites users who are 18 or above to download the app. Users can download the app through a unique code and registration process using Enterprise Certificate.

This reveals the similar kind of Apple’s policy violation by Google, which makes Apple bans Screenwise immediately.

Google Accepts Its Mistake: Makes It Way Better Than Facebook

When TechCrunch official asked Google regarding the violation of Apple’s policy or not, Google immediately stated that it will remove Screenwise Meter from the Enterprise program on iOS.

Google further told TechCrunch:

“The Screenwise Meter iOS app should not have operated under Apple’s developer enterprise program — this was a mistake, and we apologize.

We have disabled this app on iOS devices. This app is completely voluntary and always has been.

We’ve been upfront with users about the way we use their data in this app, we have no access to encrypted data in apps and on devices, and users can opt out of the program at any time.”

Screenwise Meter App not so Wise at All

Initiated in 2012, Google’s app invites users to get gift cards for downloading VPN from outside the App Store.

This Enterprise Certificate VPN gives access to users’ iOS devices to monitor and track online activities. Further, Google rebrands its research app as a part of its reward system and media panel.

Google’s reward system offers incentives for installing monitoring systems on their devices, desktop, router, and TV.

Even, Google’s sends users a unique router to monitor t