The real lesson of Facebook's Apple dust-up shows why Zuckerberg's 'hacker way' is even more dangerous than we thought
If policymakers needed any more convincing that it's long past time to rein in Facebook, the company's dustup this week with Apple provided a bold-faced, highlighted, and gold-starred case in point.
Facebook long ago showed that it has no respect for its users or for conventional societal norms when it comes to things like privacy. It showed that it was willing to cross legal lines and defy government regulators years ago too.
But the fact that it was willing to risk even the wrath of Apple — a company that has no small amount of power over Facebook's ability to reach consumers, customers, and even its own employees — shows just how brazen the social networking company has become. Its appetite for data on its users and competitors is so ravenous that it's willing to cross seemingly any and every line to get it, no matter what the potential risk.
Facebook's move to intentionally skirt Apple's rules in order to spy on consumers' mobile phone activities was "a particularly egregious abuse of power on Facebook's behalf," said Bennett Cyphers, the staff technologist with the Electronic Frontier Foundation, a digital-rights advocacy group. "One of many," he added.
That's something the Federal Trade Commission, Congress, the European Union, and other regulators should keep in mind as they try to figure out how to respond to Facebook's market dominance, its data and privacy practices, and its endless string of misdeeds. A simple slap on the wrist, whether in the form of a fine or a signed promise to follow the law, isn't going to cow a company like that. It's going to take something a lot more forceful, something like breaking up the company or massively disrupting the way it does business.
The goal, said Barry Lynn, executive director of the Open Markets Institute, an anti-monopoly advocacy group that's helped lead the charge against Facebook, should be to de-fang the company and other tech giants.
"What we should do about Google and Facebook is the same damn thing we did about the railroads, and AT&T, and the telegraph companies, and other network monopolies — that is to neutralize them," Lynn said in a conversation before Facebook-Apple dispute came to light.
Facebook was determined to monitor iPhone users
Facebook's brouhaha with Apple seems to have begun with an app owned by the social-networking company called Onavo. That app offers a virtual private network, a way of cordoning off data from the general internet to protect users' activities from being monitored. And that's the way Facebook marketed it.
But Onavo was designed to allow Facebook itself to monitor everything users of the app were doing on their phones. And the data it provided reportedly gave the company crucial intelligence about emerging competitors, including WhatsApp, which Facebook later purchased, and Snapchat, whose features it copied.
Last year, Apple banned apps like Onavo that monitored users activities on their phones and then delisted Onavo from its App Store.
Facebook could have let things stand at that. Instead, it chose to go another route.
Since 2016, according to a report in TechCrunch, the company had been monitoring users' through another app called Facebook Research, which shared many similarities with Onavo. Like Onavo, Facebook Research offered a VPN that kept tabs on users' phone activities. The social-networking company paid consumers as young as 13 to install the app so it could monitor what they were doing on their smartphones.
But instead of offering Facebook Research through the public App Store, Facebook got it out to users surreptitiously, having third-party companies offer it through a process Apple created to allow enterprises to distribute internal apps to their employees. The move was a clear violation of both the letter and spirit of Apple's rules.
One might think that after Apple banned Onavo from the App Store, Facebook might have reconsidered offering Facebook Research. After all, if Apple didn't want such apps being offered to iPhone users through the legitimate channel, it almost certainly would look askance at them being offered in a way that skirted around its rules.
The incident shows how invulnerable Facebook feels
But no. Facebook kept on pushing Facebook Research — up until the moment TechCrunch broke the news about it.
Once the news broke, Apple responded in a predictable way — it shut down Facebook Research. But it did more than just that. It revoked the security certificates Facebook used for all of the apps it distributed through Apple's enterprise app process. Apple's move disabled everything from the internal test versions of the social-networking company's Facebook and Instagram apps to the apps Facebook employees use for transportation on campus, infuriating workers and causing chaos at the company.
Some observers encouraged Apple to go even farther and disable Facebook's consumer apps or kick them out of the App Store. Ultimately it refrained from doing so and even restored Facebook's enterprise apps within two days. But the whole episode demonstrated the huge risk Facebook was taking by skirting around Apple's rules.
It also, though, shows just how untouchable and insulated and invulnerable the folks at Facebook must feel.
It's one thing to push the boundaries with users; on the whole, they've shown again and again they're not going to abandon Facebook no matter what the companies does. To date, you can put regulators in that same basket; no matter what lines Facebook has crossed, they've generally treated the company with kid gloves.
This could reinforce Facebook's sense that it's untouchable
But it's another thing to mess with Apple. Not only does it have a lot of power over Facebook, but CEO Tim Cook has long made clear he's no fan of Facebook. It wouldn't have taken a great leap to think he might have been looking for an excuse to put the social-networking company back in its place.
Unfortunately, the way this incident ended may only reinforce Facebook's sense of impunity. When all was said and done, it didn't suffer much. Apple restored its enterprise certificates and didn't take down its consumer apps. Facebook didn't even have to acknowledge that it did anything wrong.
The only lasting consequence was that it had to discontinue Facebook Research, an app that it was offering on the sly anyway. In fact, the whole dispute fit a typical pattern for Facebook — push the boundaries, get caught, apologize or back off, and then rinse and repeat.
That's why policymakers should study this incident long and hard. As the dispute shows, Facebook is a company that thinks it doesn't have to answer to anybody.