Beware “Protect” In Facebook’s iOS App
In case you ever doubted Facebook’s commitment to hoovering up as much information about you as it can, the company has come under fire for a change in the Facebook app for iOS in the United States. In the last few days, users have discovered a new option when you tap the hamburger button to access your pages, shortcuts, and settings. In that screen is a section called Explore that lets you get to a vast number of Facebook services, such as On This Day, Crisis Response, Live Videos, Find Wi-Fi, and Device Requests. There are so many, in fact, that the last one is Show More, and tapping that displays another
11, including the reassuringly named Protect.
However, tapping Protect takes you to the App Store and displays an app called Onavo Protect — VPN Security. It is indeed a VPN — a virtual private network — that securely tunnels all your traffic through Onavo’s servers. The problem is that, as you might expect from the link source, Onavo is owned by Facebook. If you were to stumble on Onavo Protect in the App Store, you’d have to tap More and read the full description to discover that. If you read all the way to the end, you’d learn that Onavo Protect
“directs all of your network communications through Onavo’s servers,” and that, “as part of this process, Onavo collects your mobile data traffic.”
Clearly, that menu item in the Facebook app should be labeled “Collect” instead of “Protect.”
Even if Onavo Protect is nominally legitimate, albeit a massive privacy violation, quite a number of its reviews seem fake, which is also troubling. Since there are no iPhone viruses, I can only assume that these are paid-for reviews. (The alternative is to assume that there are a lot of users who think all the icons wiggling on the screen indicates a virus infection, not an errant finger press.)
Despite its recent appearance in the iOS Facebook app, Onavo Protect isn’t new, and was a source of controversy last year when the Wall Street Journal reported that Facebook used Onavo-sourced data to determine that usage of the competing Snapchat app was slowing months before Snap announced that fact. Plus, Facebook linked to the Onavo
Protect app in the UK version of the Facebook app (on both iOS and Android) starting in 2016, though there was little reporting on that fact then. TechCrunch reports that about 62 percent of Onavo Protect’s 33 million installs come from Google Play (for Android), suggesting that about 12.5 million iOS users have installed Onavo Protect. The lower uptake rate in iOS might account for why Facebook is now promoting Onavo Protect in its iOS app in the United States — and possibly in other locations.
It’s bad enough when some unknown company provides a free VPN service in order to collect data about its users. It’s another thing when the company in question is part of Facebook, and that data can be combined with both any data you’ve allowed Facebook to have and any data about you that people you know have inadvertently provided to Facebook.
Our recommendation: If you use the Facebook app on your iPhone or iPad, don’t get suckered into installing Onavo Protect. And if you have installed Onavo Protect already for some reason, delete it unless you like revealing everything you do on your device to Facebook.
Thanks for this. I don’t have it. Have decided to slowly stop using the app. It has too much rubbish on it.
I gave up on the Facebook app ages ago. Too Confusing. When I do wish to use Facebook on my iOS device, their website works well enough in Safari.
Seems like an intent to deceive. Isn't that called FRAUD, which is punishable by law?
Certainly it's fraud if they deceive you with intent to induce you to give them money, goods, or service. Not so certain if they just collect information even though they can sell that for value. An argument would be you haven't lost your information, they have just gained a copy, and you weren't selling it to anyone so you haven't lost its value. Interesting case to try.
First there was this news...
...and then I was checking out using TeamViewer on iOS to help troubleshoot family members on iPhone issues when I noted that the only other app that makes use of iOS 11's new screen recording feature was... Facebook. Not as yet 'implemented' but there, presumably so people can send 'Hey, look what I'm doing with my iPhone' live to their friends... and of course the data harvesting operations in place.
Having not used FB for about a year now, I finally deleted both it and Messenger from all devices and de-activated my account.