Facebook spied on competitors via VPN MITM, claims legality via "user consent"
Take action: Can one and should one trust VPN services these days? Who owns them, who gets to read the data within the VPN? Even more, if somebody is paying you to install an app on your device, you are not only a product. You are now actively spied on, and you have no idea what for.
Learn More
Court documents reveal that in 2016, Facebook initiated a controversial project known as "Project Ghostbusters," aimed at collecting analytics data from apps outside its ownership, including Snapchat, YouTube, and Amazon. The project utilized Onavo, a VPN application acquired by Facebook in 2013 and discontinued in 2019, to execute its objectives.
This effort was codenamed "Project Ghostbusters" designed to leverage a cyberattack technique, SSL man-in-the-middle, to intercept and decrypt SSL-protected analytics traffic. The strategy was purportedly undertaken to bolster Facebook's competitive decision-making capabilities, at the request to get more information from Snapchat by Mark Zuckerberg.
Zuckerberg's interest in gaining insights into Snapchat's user analytics was evident in an email he sent to executives, prompting the inception of Facebook Research in 2016. This project compensated users for installing a tracking app, offering insights into user engagement with apps like Snapchat.
The documents allege that "Project Ghostbusters" not only stifled competition but also potentially contravened the Wiretap Act, a claim Meta has since rebutted. Despite the termination of this project in 2019 following public scrutiny, it has sparked ongoing debate regarding its ethical implications.
Meta has dismissed these allegations as "baseless" and "irrelevant," maintaining that the issue was previously reported and that user consent was obtained for participation in the project.
