- A federal court in California released new documents revealing Facebook tried to spy on Snapchat users.
- The internal project was known as Project Ghostbusters and it used MITM attacks to get sensitive user data.
- Besides Snapchat, the project was also used to get user data from YouTube and Amazon.
Meta has come under fire for its privacy practices yet again. A recent set of leaked documents revealed a secretive project where Facebook’s app allegedly spied on Snapchat user traffic. Here’s everything you need to know.
In 2016, Facebook initiated a secret project called “Project Ghostbusters”. This project aimed to intercept and decode the communication flowing between Snapchat’s servers and users “to understand users’ behavior”. This was presumably done to gain a competitive edge against the rising popularity of Snapchat. According to the documents, “Project Ghostbusters” was a play on Snapchat’s ghost logo, hinting at its secretive nature.
The Federal court in California released the documents on Tuesday as a part of the lawsuit between users and Meta. They also revealed that the firm tried to do the same with Amazon and YouTube.
Facebook’s secret project was a part of the company’s IAPP program (In-App Action Panel). This was created to gain a competitive edge over its competitors by intercepting and decrypting their traffic.
How Facebook Spied on Snapchat Users
The documents also contained emails discussing the project which were published as a part of the lawsuit. Mark Zuckerberg, Chief Executive of Facebook wrote in an email, “Whenever someone asks a question about Snapchat, the answer is usually that because their traffic is encrypted we have no analytics about them”.
He also wrote, “Given how quickly they’re growing, it seems important to figure out a new way to get reliable analytics about them. Perhaps we need to do panels or write custom software. You should figure out how to do this”.
A few Facebook engineers came up with the idea of using Onavo via “kits”. These kits can be installed on iOS and Android to get traffic, effectively making this an MITM (Man-in-the-middle) attack.
Once the project succeeded, an email read, “We now have the capability to measure detailed in-app activity” from “parsing Snapchat [sic] analytics collected from incentivized participants in Onavo’s research program”.
The details are quite baffling but it’s not the first time Facebook has done something like this. Take the Cambridge Analytica Scandal for example, which harvested the data of up to 87 million users to assist in America’s 2016 presidential elections.
What are your thoughts about Facebook’s spying practices? Do you still use Facebook or other Meta products? Let us know in the comments section below.
