Apple is having a good few days when it comes to privacy.
Fresh from announcing a new update to its iOS operating system which will stop the FBI and others from being able to use the GreyKey device to hack into device passcodes, they have also announced updates to their App Store rules which appears to render the Facebook ‘VPN’ Onavo Protect illegal.
Facebook’s controversial free ‘VPN’
Regular readers may recall that we reported earlier this year that Facebook added a Protect feature to their desktop and mobile platform which linked to a new app called Onavo Protect.
Onavo Protect purported to be a free VPN app, but all was not as it seems. Whereas a traditional VPN redirects traffic via a secure and private external server and keeps all of your data encrypted and private, Onavo does things rather differently.
Experts analysed Onavo and found that, rather than being a VPN, Onavo was essentially a tracking tool for its parent company, Facebook.
It passes a whole host of data from its users directly onto Facebook including such things as what other apps you are using on your device, how much you use them, and what websites you are visiting.
In other words, it harvests user data on other apps outside of both Onavo and Facebook and sends it back to Facebook. This data is extremely useful for Facebook because they can see which apps are becoming popular and which are being used less.
This can inform them about their main rivals, new start-up apps, and also provide intelligence for Facebook’s acquisition of smaller competitors.
Onavo data has already been put to good use. It is reported to have been key to the acquisition of WhatsApp in 2014 and has also been used to monitor SnapChat use ahead of the launch of similar features on Instagram.
But while Onavo is very useful for Facebook, it is seen by many as a gross invasion of user privacy. Facebook has brushed these concerns aside, claiming that data is just used to improve user experiences for Onavo and Facebook customers.
Apple stands up for user privacy once more
But many are far from satisfied with this and it seems that Apple has decided that their customers shouldn’t be exposed to such a privacy invasion.
As a result, the new rules for inclusion in the Apple app store explicitly forbids the collection of “information about which other apps are installed on a user’s device for the purpose of analytics or advertising/marketing”.
This is not the first time that Apple has made changes to the App store rules to try and restrict the ability of apps to monitor what users are doing elsewhere on their devices without user authorisation.
But this latest change appears to be a decisive one. And it appears almost certain to see Onavo Protect thrown out of the Apple app store as soon as the new rules come into effect.
This is absolutely as it should be. The way Onavo Protect is promoted on Facebook and in the Apple app store suggests to users that it is a free VPN. In fact, it is almost the exact opposite. It is a tracking tool which harvests user information rather than hides it and hands it over to Facebook to use as they see fit.
Facebook’s promotion of Onavo as a VPN is completely irresponsible and misleading to their users. It is encouraging to see Apple acting to stop this deception and it is to be hoped that other app stores will follow their lead.
Staying safe and private online without Onavo
If Facebook users really want to keep their data secure and private online, they should look to a reputable and proven VPN provider such as ExpressVPN or NordVPN. For just a few dollars a month, these VPNs offer state of the art encryption and guaranteed user privacy.
And if privacy is really a priority, the best advice is to remove all Facebook-owned apps from your device entirely. And if you want to stop Facebook knowing just about everything you do online, you can also think about removing your Facebook accounts completely.
One thing is for sure, you should not be downloading and using Onavo Protect on your devices. And if you own an iPhone or another Apple device, it won’t be long before you are not able to either.