After sitting through more than 4 hours of Q&A on CSpan, I concluded that Zuckerberg was very sorry about the data breach and all possible similar breaches. He also seemed blissfully ignorant of people impersonating others, selling drugs via Facebook pages and to the question of if he was aware of child porn he appeared not to know anything. However, what struck me the most was there was no mention of Onavo, a well built corporate spyware acquired by Facebook in 2013. It was a worthy mention for a number of reasons which we will examine in this article.
What is Onavo and How does it work?
Onavo is a VPN client by data security app developers Onavo Protect. The company was acquired by Facebook earlier, but it has now started popping up on Facebook’s iOS app, with a banner that reads “protect” smack in the navigation menu. It is hard to miss! Clicking on this “Protect” banner redirects all users to the Onavo Protect VPN app, which is listed on Apple’s app store.
Most people will feel the urge to click as a VPN is meant to enhance security. You’d say “hey this is great, Facebook is giving me a free VPN app.” Though in reality, it is more than a VPN, it is corporate spyware at its best.
Interestingly this not the first time this banner has popped up on Facebook’s app. Back in 2016, it was spotted by hundreds of users in the UK. Plus, according to Onavo, it has been available on Android too for a long time. Though it is still not clear exactly how many Facebook users in the US or the UK have reported seeing this feature. However, Facebook has confirmed that the VPN is available to iOS users in America.
Why did Facebook buy Onavo in the first place?
The question in my mind and perhaps in the minds of all readers is that why would Facebook even care how people are accessing the social network? Why would it care so much as to invest nearly a billion dollars in buying a VPN software development company and then give it for free? As with everything in life, nothing is really free.
Marketing the VPN feature within Facebook will and has obviously led to a massive boost in users of the app. The app promises to warn Facebook users of potentially harmful and malicious websites. But is that really all Onavo does? I don’t think so and here is why.
Onavo’s VPN app essentially allows Facebook to easily monitor users’ activities across a range of apps. It gives Facebook a nearly unlimited advantage of being able to spot trends across a much larger user base that extends beyond the boundaries of Facebook. For instance, if a certain number of users downloading and using a particular app rises by 500% in just six months, Facebook knows this before anyone else does and can capitalize on the data. Similarly, it can see the slowing down of growth, and new features that users may be taking a liking to as opposed to others. Obviously, this is a treasure trove of information which I don’t feel comfortable trusting Facebook with of all companies.
Facebook has already used the data collected via Onavo
Facebook has used the data collected via Onavo and has used it in a number of ways. The most notable is in their battle with the mobile social networking platform Snapchat. The Wall Street Journal reported in 2017 that Facebook was able to track Instagram’s launch of their Stories like feature which was borrowed from Snapchat. The data showed that this new feature has the effect of slowing down user growth for the Snapchat. Now, this came even before the company disclosed this information.
Facebook also acquired the Tbh app in fall of 2017 and then used it to quickly integrate a similar feature into its own social network. Facebook was able to do this even before Tbh has been able to establish some sort of position in the social network space. Though it was clear that they had a great idea, significant enough to be the next big thing. It is clear that Onavo’s unfiltered insights into how fast Tbh was becoming popular led to Facebook taking the action it did.
How popular is Onavo right now?
As of today, the app is on over 33 million devices running iOS and Android. Plus the number keeps increasing with each passing day. Sensor Tower, a data analysis company, puts the figure at around 62% for those who have Android which is one reason why I suspect Facebook is pushing the app over iOS devices so hard in the US. Right now Americas are the biggest users of Onavo followed by India and Brazil.
I read Onavo’s App Store description, and it clearly reads as being part of Facebook. It also clearly says that the app is used to improve the products and services as well as help Facebook gain insights into the services that people value to use so as to build a better experience. We all know that this translates to the app spying on our every tap on a mobile device.
Unfortunately, I don’t think most Onavo users realize just how much information Facebook is using and storing. They could be monitoring use of various other apps like Snapchat, YouTube, Safari, etc. A lot if not all of their personal preferences including the websites they visit could be recorded and processed as usable data in Facebook’s quest for online superiority. Interestingly despite the recent data harvesting scandal and the many others that preceded it, Facebook has not refrained from using similar tricks in the past. The last such stunt was pulled by launching Instagram via a new Facebook feature, and it has also rolled out various WhatsApp integrations too.
Protect yourself and don’t rely on Facebook
Onavo is a software that’s meant to record and store what you do on a mobile device which is disguised as a free VPN app. It supposedly protects you from hackers and those who want to harvest your personal information. However, in doing so, it makes sure to keep all of that information for itself. The best way to avoid becoming victim to another Facebook mess up is to use a third-party VPN service of which they are many. Yes! They are not free, but they won’t be using, selling or renting your personal information for profit either. If you don’t believe us just read how Facebook bungled the Cambridge Analytica issue which led to millions of people and their personal information being left vulnerable…can you really trust them?