- TechCrunch found that Facebook had been paying people to install a research app that grants access to all of the user's phone and web activity.
- Following the report, Apple said the app violates its policies.
- A Facebook spokesperson said the app had "a clear on-boarding process" that asked participants for permission.
Apple has revoked some developer privileges from Facebook following a TechCrunch report that said Facebook was paying some users, including teenagers, to download an app that provided a deep level of access to activity on the user's phone.
Asked about the report, an Apple spokesperson told CNBC on Wednesday that Facebook violated its policies by distributing "a data-collecting app to consumers." Apple has revoked Facebook's "enterprise certificates" that let it distribute the activity-tracking app to users.
"We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization," the spokesperson said. "Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple. Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data."
Facebook will still be allowed to list its apps in Apple's App Store. Apple only revoked Facebook's ability to distribute apps through a method designed to let developers internally test apps that have not been released yet. Under Apple's rules, developers can only distribute those apps to their own employees. But Facebook was distributing the data-collecting app to people not employed by the social media company, according to TechCrunch. This could also affect Facebook's ability to test its apps internally before releasing them publicly in Apple's App Store.
Facebook paid users ages 13 to 35 as much as $20 per month plus referral fees for participating in its research program by downloading the "Facebook Research" app on iOS or Android, TechCrunch reported. The program, which began in 2016, is administered through several beta testing services, which TechCrunch said helped mask Facebook's involvement in the program. Facebook disputed that its involvement was secretive, but it is ending the program through Apple.
Facebook's research app could potentially collect user data including private messages and photos sent to others through various messaging apps, web searches and location information, security expert Will Strafach of Guardian Mobile Firewall told TechCrunch.
A Facebook spokesperson told CNBC, "Key facts about this market research program are being ignored. Despite early reports, there was nothing 'secret' about this; it was literally called the Facebook Research App. It wasn't 'spying' as all of the people who signed up to participate went through a clear on-boarding process asking for their permission and were paid to participate. Finally, less than 5 percent of the people who chose to participate in this market research program were teens. All of them with signed parental consent forms."