Featured Image Credit: Photo by Digitalpfade on Pixabay
On 30 January 2019, Facebook employees came into work to a nasty surprise: the company’s internal iOS apps for managing transit options, testing prerelease software, and even ordering lunch had all stopped working. The move was punishment by Apple for Facebook bypassing App Store policies by distributing a data-collecting app that relied on an Enterprise Developer Program certificate to paid users, some as young as 13. Apple told Recode:
We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization. Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple. Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.
The Facebook Research app in question was likely a derivative of Facebook’s Onavo Protect VPN—see “Beware “Protect” In Facebook’s iOS App,” 14 February 2018—which Facebook eventually removed from the App Store under pressure from Apple. Employees inside Facebook are furious at both Apple and their employer, while Facebook tries to negotiate with Apple to get the certificates reinstated. Meanwhile, Google was also caught distributing a similar app in a similar manner but has now disabled it and apologized.