New in OS X: Get MacRumors Push Notifications on your Mac

Resubscribe Now Close

Apple Shut Down All of Facebook's Internal Apps When Revoking Enterprise Certificate [Update: Fixed]

Facebook is no longer able to use or distribute important internal iOS apps after Apple disabled the Enterprise Certificate Facebook was abusing to surreptitiously gather data from iOS users right under Apple's nose.

Since 2016, Facebook has been paying teens and adults $20 per month to install a data gathering "Facebook Research" app that harvested all kinds of sensitive details from participants.

Facebook abused its enterprise certificate to get customers to install a "Facebook Research app

Apple had already banned Facebook's attempts to gather data through the Onavo VPN app, so Facebook used its enterprise certificate - provided to companies to install and manage internal apps for employees - to get participants to sideload the Facebook Research app, bypassing the App Store and Apple's oversight.

Facebook yesterday said that it was not violating Apple's enterprise rules, but as it turns out, Facebook was wrong. Apple this morning revoked Facebook's enterprise and said the social network had clearly violated the Enterprise Developer Program.
We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization. Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple. Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.
Facebook's revoked certificate wasn't just used for the Facebook Research app. According to The Verge, Facebook needed that certificate to run all of its internal apps, and with access revoked, none of those apps are working.

That means Facebook isn't able to distribute internal iOS apps like Facebook, Instagram, and Messenger for testing purposes, and internal employee apps for purposes like food and transportation are nonfunctional.

All of the apps that used the certificate "simply don't launch on employees' phones anymore," and Facebook is said to be treating the issue as a critical problem internally.

After the certificate was revoked, Facebook this morning said that it would shut down its Facebook Research app, though the company defended it and claimed that those who participated went through a "clear on-boarding process." The Facebook Research app for Android continues to be available.

Facebook is not going to be able to properly operate and distribute iOS apps on a wide scale basis without access to its certificate, so it's not clear how this situation will play out. Apple's tools are essential for internal apps, though Facebook will likely still be able to use alternatives like TestFlight if the certificate isn't reinstated.

Apple CEO Tim Cook has been highly critical of Facebook's lack of respect for user privacy in the past, and the two companies have had a dispute over the Onavo app, but this is the first time that Apple has directly punished Facebook and shut down one of its illicit activities.

Update: Facebook says it is "working closely" with Apple to reinstate access to internal apps. Employees, meanwhile, are said to be angry and unable to do their work without the apps.

Update 2: In a statement to The New York Times, Facebook says that Apple has restored its Enterprise Certificate. "We have had our Enterprise Certification, which enables our internal employee applications, restored. We are in the process of getting our internal apps up and running. To be clear, this didn’t have an impact on our consumer-facing services."



Top Rated Comments

(View all)

3 weeks ago
Good. Now Apple should pull their apps from the App Store until they have a written assurance from Facebook that their developer program privileges won't be abused again.

No other company or developer would get off this easily.
Rating: 66 Votes
3 weeks ago
Delete Facebook
Rating: 64 Votes
3 weeks ago
Seems a tad harsh. All they did was circumvent Apple's privacy guidelines… and harvest data for uninformed users at a fraction of the price it ought to be worth… to bolster their efforts to make Facebook and even more overpowered weapon of social intrusion.

Can't help but wonder how poor Mark took the news…

Rating: 42 Votes
3 weeks ago
Good on Apple. Facebook is a scumbag company. They deserve to go out of business and Zuckerberg deserves to have all his most intimate data shared with the world.
Rating: 42 Votes
3 weeks ago
I'd like to see Facebook banned and ousted from iOS
Rating: 40 Votes
3 weeks ago
I was looking forward to this
Rating: 31 Votes
3 weeks ago
Amazing how brazen Facebook is - truly a company run by scumbags making the decisions.

The thing is - the more they cheat, lie and betray their users trust - the more money they make and this is why they show no indication of slowing down (and also why Google appears to be getting worse over the last couple of years as well under their newer leadership) - doing this equals growth for the business. Its a fundamental problem with their business model.
Rating: 27 Votes
3 weeks ago
Just when you thought FB couldn’t stoop any lower...
Rating: 25 Votes
3 weeks ago

Facebook's lack of respect ... give me a break … Apple ain't no saint.


There's some grey area between being a saint and spying on children to mine their personal data.

Apple faltering in some areas doesn't make Facebook's actions any less abhorrent. Likewise it shouldn't put Apple in the same group as Facebook simply on the criteria that "nobody's perfect".
Rating: 24 Votes
3 weeks ago
I'm sure all those children roped into this by Facebook understood the "clear on-boarding process."

What a crock.
Rating: 23 Votes

[ Read All Comments ]