by Jim Lundy
As reported widely by TechCrunch earlier this year, Facebook announced that it was ending its practice of using its VPN Tool Onavo to spy on teenagers. This came after Apple forced the issue by revoking the Facebook Research App, which was masquerading as a VPN tool. Facebook was literally paying kids to use the apps so they could spy on their behavior.
Facebook’s questionable tactics should have enterprises on high alert.
Overall, this raises questions about Facebook, particularly over its business practices as it targets the enterprise.
Facebook’s Secret Spying Program
It isn’t like Facebook was upfront about what it was doing. Many parents had no idea. The apps being installed were from third party companies that included Applause, BetaBound, and uTest. Kids were paid up to $20 a month to allow Facebook to spy on their behaviors. As a parent, this would have infuriated me if I found out a firm like Facebook was watching what my kids were doing. So Kudos to Apple for pulling the plug on this invasion of privacy of kids.
Apple and the Privacy Wars In Silicon Valley: Sign In With Apple
Since all of this went down, Apple has upped its game. At its Worldwide Developer Conference (WWDC) in June, Apple announced its own website login app that it will begin to rollout, called Sign in with Apple.
Don’t Use Sign-in With Facebook
No matter what you think of Apple or Facebook, we recommend not using the “Sign in with Facebook” option on various apps. The reason is that Facebook uses the login to track your activity so that it can sell ads. They do this because publicly, it has stated that it’s an advertising platform versus a social network (what everyone thinks of Facebook).
Facebook in the Enterprise: Past Behavior Suggests Caution
Facebook is facing this and other concerns over its privacy practices, so it makes one wonder if it is being truthful about its effort with Workplace by Facebook. On October 31st last year, CNBC reported that after a hack of Facebook.com with up to 50 million passwords stolen, that it was separating its Workplace by Facebook domain from Facebook. Changing the domain probably is not enough to stop attacks and on top of that, Facebook could still be using the same practices it does with consumers relative to targeting people for ads.
Workplace by Facebook: Full Disclosure After the Fact
While Workplace by Facebook does not have ads, it still suggests that users could be monitored. The practice of letting customers know what has happened after the fact versus full disclosure of policies around security and privacy may make enterprises take a pause before they dive deep into a Workplace deployment.
Buyer Beware: Your Privacy is at Risk And California GDPR
If you live in Europe, your privacy is somewhat protected—the GDPR law is in effect, but it is not clear that Facebook has changed its policies. In the US, the California GDPR Law goes into effect on January 1st, 2020. It should be noted that some powerful firms tried to lobby against this law. Regardless, it is a buyer beware world. Before you download that free exercise app to your iPhone or Android device, read the fine print. In a majority of cases, the fine print says that the app provider will share your data with non other than Facebook.