Facebook-owned data security app called Onavo Protect could be trouble because of the decision by the social media company to limit the ability of developers to access and use data of users from mobile phones.
Onavo apparently provides a free virtual private network (VPN) to its users that the firm claims helps “keep you and your data safe when you browse and share information on the web”. But what is hidden is that the app most probably gives information to Facebook about other apps that the user uses and apps the degree to which such apps are used, on a regular basis.
“The problem with Onavo is that it talks about being a VPN that keeps your data private, but behind the scenes it’s harvesting your data for Facebook,” said Ryan Dochuk, CEO of the paid-for VPN TunnelBear. “It goes against what people generally expect when they use a VPN.”
Onavo has been useful for Facebook because it gathers market intelligence on the apps being used on tens of millions of devices that are not a part of the network of social media company. Analysis of the apps allows Facebook to find out that apps that are becoming popular and those which are not.
According to media reports, the new app store of Apple puts explicit ban on the gathering of “information about which other apps are installed on a user’s device for the purposes of analytics or advertising/marketing”, and apparently the wordings are such that it appears to be clamping down on apps like Onavo.
“Apple has been very clear that it’s pro-privacy, and with every iteration of iOS [Apple’s mobile operating system] has been trying to restrain the ability of apps to know what’s going on the device if a user hasn’t authorised it”, said Joseph Jerome, a privacy specialist from the Center for Democracy and Technology,
Onavo was established in 2010 in Tel Aviv where the primary operations of the company was to aid users to reduce bills for their wireless networks by compressing incoming data on an iPhone or Android device. The app also highlighted the apps that used the most data. this was important market intelligence for mobile publishers because it allowed them to be aware of the performance of their apps comparted to competitors. A VPN called Onavo Protect was launchedby the start up in May 2013 that offered users protection of their data when they browsed the web from their mobile phones in a public wifi network
The company was acquired by Facebook in October 2013.
The function of VPN is to redirect and encrypt all data that leaves the computer o, phone or tablet of a user and is sent to another server in another location. They want to project themselves ot be measures for protecting data of users and their privacy and security but that is mostly dependenton who is operating the VPN and how they make their money.
“This server is in a really privileged position,” said Dochuk. “Essentially, it needs 100% of consumer trust because 100% of their data is going through that server.”
“If you’re not paying with your money you are probably paying with your data,” said Will Strafach, a security specialist who has analysed the Onavo app.
Facebook CEO mark Zuckerberg was asked whether it had violated privacy of consumers by gathering data from Onavo by lawmakers during the U.S. congressional testimony in April.
What data it would receive when a user installed the app was explained by Facebook.
“This helps us improve and operate the Onavo service by analysing your use of websites, apps and data,” Onavo Protect’s App Store messaging reads. “Because we’re part of Facebook, we also use this info to improve Facebook products and services, gain insights into the products and services people value, and build better experiences.”
(Adapted from TheGuardian.com)