In the final days of January, Apple got into a bit of a spat with both Facebook and Google over the latter two companies abusing Apple’s Enterprise Developer Program. The Enterprise Developer Program is intended to allow companies to distribute apps to company-owned iOS devices, without putting them on the App Store or needing to comply with App Store guidelines.
From 2016 onwards, Facebook was using this program to distribute an app called “Facebook Research”. The entire purpose of the app was to collect data about the user’s device usage. This data included browsing history, message contents, app usage habits, and location data. This is against the App Store guidelines, and Facebook had a similar app named “Onavo Protect” that was banned from the App Store for similar data collection. However since “Facebook Research” was not on the App Store, the guidelines did not apply. Facebook distributed the app on its own, drawing in users with advertisements on Snapchat and Instagram targeting people between 13 to 35 years of age. The users, 5% of whom were teenagers, were each provided with a $20 gift card for their participation.
On the 29th of January, Apple revoked Facebook’s Enterprise Certificate, disabling the “Facebook Research” app on all iOS devices. Facebook had used the same certificate for all their internal apps and for beta testing apps on the App Store. While this may have caused a lot of chaos for Facebook’s programmers, it was also entirely laid out in Apple’s official policies regarding Enterprise Certificates.
Google had a similar app for iOS called “Screenwise Protect”, but immediately discontinued it after Facebook’s certificate was revoked. They even posted a public apology for their actions. However, on the 31st of January Apple decided to revoke Google’s Enterprise Certificate anyway. Throughout the day Google’s programmers could not test beta versions of the Google Maps, Hangouts or Gmail apps for iOS. Google employees using iOS were also unable to use employee-only apps, such as internal transportation and cafe apps.
Google and Facebook both entered negotiations with Apple to have the certificates restored, and later in the day, their internal iOS apps were functional once again. However, Apple’s Enterprise Certificate woes have not ended. Various other companies are using the Enterprise Developer Program to distribute pirated apps, pornography apps and even apps for real-money gambling. These shady developers are impersonating legitimate business in order to have access to the Enterprise Developer Program.
It’s easy enough for an ordinary consumer to avoid such seedy software sources. However, the spat between the silicon giants reveals a lot about them. For one thing, the depths that Facebook and Google will stoop to for access to user data: Facebook was essentially paying teenagers for private, perhaps even intimate, information. There is, of course, the other side of the coin: the level of control that Apple holds over the devices it sells. Even with internal enterprise apps, Apple has the power to do as it sees fit. It may have been a public good to eliminate “Facebook Research” and “Screenwise Protect”, but that does not mean their decisions will remain consumer-friendly until the end of time.
Most telling of all is the resolution of the conflict. Facebook and Google had the opportunity to negotiate their way back to having their internal apps functioning. Companies with less clout would have probably not been so lucky, but the silicon giants must look out for their own.