Google's Also Peddling a Data Collector Through Apple's Back Door (techcrunch.com) 46
Facebook is not the only one abusing Apple's system for distributing employee-only apps to sidestep the App Store and collect extensive data on users. Google has been running an app called Screenwise Meter, which bears a strong resemblance to the app distributed by Facebook Research that has now been barred by Apple, TechCrunch reported Wednesday. From the report: In its app, Google invites users aged 18 and up (or 13 if part of a family group) to download the app by way of a special code and registration process using an Enterprise Certificate. That's the same type of policy violation that led Apple to shut down Facebook's similar Research VPN iOS app, which had the knock-on effect of also disabling usage of Facebook's legitimate employee-only apps -- which run on the same Facebook Enterprise Certificate -- and making Facebook look very iffy in the process. It needs to be pointed out that Google's app is relatively transparent about what it does and who runs it.
Re: Through Apple's Back Door (Score:1)
It takes courage to go in through the out door.
Re: (Score:2)
Haha, that's a funny post! ;)
They're not even bothering to deny it anymore (Score:2)
These asshole corporations aren't even bothering to TRY to hide their overreaching ways anymore. What's next? Are they going to go to Congress and DEMAND legislation REQUIRING citizens to hand over all their personal data and communications to them? REQUIRE everyone to have so-called 'smart speakers/digital assistants' in every room of their houses so they can be spied on directly 24/7?
FUCK THIS SHIT. IT HAS TO STOP!
Re: (Score:1)
Facebook lies to Congress directly, why is this any worse? ALL of them need to be dealt with.
Re: (Score:2)
They are directly âoeattackingâ kids too.
âoeattackingâ
vera góður eða ég mun snúa ér í froskur
Re: (Score:3)
But . . . but . . . ."Google's app is relatively transparent about what it does and who runs it"
Because announcing "I am a rapist and I am here to rape you" makes it OK.
If the rapee consents (and is competent to consent; of legal age, of sound mind, etc.)... it does make it okay.
Re: (Score:2)
Hold up. There's a very important adjective missing from anything you've just said: informed. Where was the informed consent?
Sure, users may be willing to consent, but how many of them actually understood what they were consenting to? Is it valid consent if the other person mumbles inaudibly that they have HIV? Is it valid consent if Facebook buries in the middle of 400 pages of legalese that they'll have unfettered access to absolutely everything you do on the device, not just your browsing? And given that
Re: (Score:2)
Hold up. There's a very important adjective missing from anything you've just said: informed. Where was the informed consent?
In the case of the Google app, you're talking about people who were invited to join a panel, regularly answer questionnaires, place additional monitoring devices near the TVs in their homes... I think they are well-informed.
Re: (Score:3)
If the rapee consents (and is competent to consent; of legal age, of sound mind, etc.)... it does make it okay.
But that's not Google's modus operandi. A customer (competent, of legal age, of sound mind, with up to date vaccinations and a document from the neighborhood association certifying he's a good guy) who explicitly disables location tracking, still gets tracked [apnews.com]. It's more like
"I'm a rapist - do you want to be raped?"
"No, please"
"OK, I won't" - proceeds to rape you.
Re:They're not even bothering to deny it anymore (Score:5, Interesting)
How is this different from a person volunteering for a 1-week medical study where you're put in a room and everything about you is recorded?
As the article said, Google is relatively more upfront that this is monitoring everything you do on your phone.
If a company tells you explicitly what it's going to do with you + your info, and you agree and affirmatively opt in, why should government step in?
Are you saying the people are not aware of their full involvement? Should govt lay down the ground rules for what these studies can record / collect like a medical study? What do you propose?
Re: (Score:2)
"Should govt lay down the ground rules for what these studies can record / collect like a medical study?"
That's not a bad place to start. After various nastiness, like the US Army infecting soldiers with syphilis and the Nazi's crucifying people to see how they died, the world decided that human subject research needed some oversight, safeguards, and strong ethical rules. Corporations that don't do human subject research as their bread and butter generally don't bother to follow those rules.
Re: (Score:2)
You want the people who infected soldiers with syphilis (not to mention Tuskegee [wikipedia.org]) and crucified people to see how they died to make up the rules about how to treat people? Because corporations?
Re: (Score:2)
Yeah, corporations *never* do anything evil.
International human research conventions were written as a collaboration by lots of different groups, not just governments.
Re: (Score:2)
Choosing to install an app like this doesn't just affect you, it affects us all.
Take Cambridge Analytica:
Step 1.
Know a lot about a relatively small amount of people. In their case, people filled in questionaires using an app.
Step 2.
Use machine learning algorithms to find common patterns in the Facebook likes of people who are neurotic (or gullible, have experienced childhood trauma, etc). For example, you might discover that they are more likely to like both christian rock and lobster restaurants. Or some
Re: They're not even bothering to deny it anymore (Score:2)
On the other hand 60% or more of internet users use Chrome, which does exactly the same. Odd, innit?
Re: (Score:2)
Every 1-week medical study has (a) Isolation of PII data from medical data with strict rules on who can access the PII data and for what purpose; (b) Written procedures that cover the same (including who can be in the room as data is collected); (c) Written explanations of any possible harm (including reputation damage and/or emotional distress) that could occur to their subjects and mitigation strategies; (d) Informed consent not ju
So are Google and Facebook doing this on Android? (Score:3)
One thing I hadn't read yet, do Facebook and Google have similar apps for Android? It seems likely they would... but I had not read that they did.
Re: (Score:3)
One thing I hadn't read yet, do Facebook and Google have similar apps for Android? It seems likely they would... but I had not read that they did.
https://play.google.com/store/apps/details?id=com.google.android.apps.userpanel&hl=en_US [google.com]
Re: (Score:2)
Oh, that explains why Neilsen phoned me. They are rolling out something similar, but apparently they want households with land lines and a teen with an Android phone.
At least I got $3 in cash (bills) for my time.
Re: (Score:2)
That Facebook was willing to face the wrath of Apple and lose all functionality on corporate dev
Re: (Score:2)
I really think this was a case of Facebook thinking they were "too big to revoke".
Every iOS developer pretty much is cognizant of the Apple rules around enterprise releases, so I would think Facebook would have had a lot of people purposefully choosing to break those rules to do anything like an external release (involving money no less!!) of an enterprise signed app...
As for how Android addresses this, maybe they could at least have more control around what apps are allowed VPN access, or some global way G
It doesn't matter how up front the are (Score:4, Insightful)
There's a really excellent breakdown of the terms of the Enterprise agreement in the Facebook thread (https://apple.slashdot.org/comments.pl?sid=13320022&cid=58046318) and it's clear that this is a violation of that agreement no matter how you swing it. Unless these people are contractors and only use the application on-site (which is to say, at Google, under the DIRECT supervision of an employee) this is a clear breach of the contract.
Google may have a little less to lose than Facebook by having the certificate rejected, but it's not going to be a trivial thing for them either.