Facebook used a research app to collect device data from hundreds of thousands by exploiting Apple-issued enterprise developer certificates…
Back in January, it was learned both Google and Facebook used Apple-issued enterprise developer certificates to circumvent various rules. Facebook used “Project Atlas” to collect private data from teens for $20 per month.
Now, a new report by TechCrunch reveals another Facebook scandal. Apparently, Facebook collected users’ sensitive device data through a now defunct research app.
Facebook Research App Collected Users’ Device Data
Approximately 187,000 people were affected, with 31,000 located in the United States, including 4,300 teens. (The remainder came from users in India.)
Facebook states the app dates back to 2016.
Timothy Powderly, Apple’s director of federal affairs wrote:
“We know that the provisioning profile for the Facebook Research app was created on April 19, 2017, but this does not necessarily correlate to the date that Facebook distributed the provisioning profile to end users.”
Apple revoked both Facebook’s and Google’s enterprise certificates.