Zuckerberg unconvincingly feigns ignorance of data-sucking VPN scandal

Devin Coldewey

Facebook's Mark Zuckerberg appeared less than entirely truthful at today's House Judiciary hearing, regarding last year's major Onavo controversy, in which his company paid teenagers to use a VPN app that reported detailed data on their internet use. Though he may not have outright lied about it, his answers were evasive and misleading enough to warrant a rushed clarification shortly afterward.

Rep. Hank Johnson (D-GA) was asking Zuckerberg to confirm a series of events last year first reported by TechCrunch: A VPN app called Onavo, owned by Facebook, was kicked out of Apple's App Store for collecting and reporting usage data while purporting to provide a protective service.

Soon afterward, Facebook quietly began paying people — 18% of whom were teenagers — to install the "Facebook Research" app, which did much the same thing as Onavo, under a different name. TechCrunch reported this and Apple issued a ban before the end of that day; Facebook claimed to have removed it voluntarily, but this was shown not to be true.

Rep. Johnson questioned Zuckerberg along these lines, and the latter repeatedly expressed his unsureness about and lack of familiarity with these issues:

Johnson: When it became public that Facebook was using Onavo to conduct digital surveillance, your company got kicked out of Apple's App store, isn't that true?

Zuckerberg: Congressman, I'm not sure I'd characterize it in that way.

Johnson: I mean, Onavo did get kicked out of the App Store, isn't that true?

Zuckerberg: Congressman, we took the app out after Apple changed their policies on VPN apps.

Johnson: And it was because of the use of the surveillance tools.

Zuckerberg: Congressman, I'm not sure the policy was worded that way or that it's exactly the right characterization of it... [The policies are explained below.]

Johnson: Let me ask you this question. After Onavo was booted out of the App Store, you turned to other surveillance tools, such as Facebook Research App, correct?

Zuckerberg: Congressman, in general, yes, we do a broad variety—

Johnson: Isn't it true, Mr. Zuckerberg, that Facebook paid teenagers to sell their privacy by installing Facebook Research App?

Zuckerberg: Congressman, I'm not familiar with that, but I think it's a general practice that companies use to, uh, have different surveys and understand data from how people are using different products and what their preferences are.

Johnson: Facebook Research app got thrown out of the App Store too, isn't that true?

Zuckerberg: Congressman, I'm not familiar with that.

Image Credits: YouTube

Of course, the idea that Zuckerberg was not familiar with events that made headlines, took down Facebook's internal apps for days and prompted an angry letter to him from a senator is absurd. (After all, Facebook responded.)

Perhaps intuiting that this particular claim of ignorance was a bridge too far (and perhaps in response to some frantic off-screen action in the CEO's barnlike virtual testimony HQ), Zuckerberg took the opportunity to backpedal a few minutes later:

In response to Congressman Johnson’s question, before I said that I wasn’t familiar with the Facebook Research app when I wasn’t familiar with that name for it. I just want to be clear that I do recall we used an app for research and it’s since been discontinued.

Of course, although Zuckerberg may plausibly have been unsure about the name, it's not to be believed that he was not familiar with the events of that time, as they were both highly publicized and very costly for Facebook. Naturally he would also have been refreshed on them during preparation for this testimony.


That Zuckerberg is unfamiliar with the exact wording of Apple's rules is possible, even probable, but it was no secret that the rules were changed basically in response to reports of Facebook's Onavo shenanigans. Here is what Apple said at the time:

We work hard to protect user privacy and data security throughout the Apple ecosystem. With the latest update to our guidelines, we made it explicitly clear that apps should not collect information about which other apps are installed on a user’s device for the purposes of analytics or advertising/marketing and must make it clear what user data will be collected and how it will be used.

Later, when TechCrunch showed that Facebook had been using an enterprise deployment tool to essentially sideload spyware onto teenagers' phones, Apple said this:

We designed our Enterprise Developer Program solely for the internal distribution of apps within an organization. Facebook has been using their membership to distribute a data-collecting app to consumers, which is a clear breach of their agreement with Apple. Any developer using their enterprise certificates to distribute apps to consumers will have their certificates revoked, which is what we did in this case to protect our users and their data.

So Facebook was the reason, implicitly first, then later explicitly, for these App Store lockdowns. Rep. Johnson put the whole thing quite plainly at the end of his questions:

Johnson: You tried one thing and then you got caught, made some apologies, then you did it all over again. [long pause]... Isn't that true?

Zuckerberg: Congressman, I respectfully disagree with that characterization.

You can watch the full hearing here:

More From

  • The next-gen Xbox will ship in November

    The last few months have provided a steady trickle of information about the next Xbox console — or the Xbox Series X, as it's known. Microsoft had said it'd be ready by the holidays, but held off on getting much more specific than that. Microsoft doesn't say exactly when in November, so they've still got some wiggle room on the exact launch date.

  • Tesla announces 5 for 1 share split, rallies 8%

    Today after the close of regular trading Tesla, a well-known American electric vehicle company, announced that it intends to split its shares 5 for 1. The split announcement comes after a sharp rally in the value of Tesla equity in recent quarters. Worth comfortably more than $250 billion, Tesla is amongst the world's most valuable companies, let alone among the most valuable automakers.

  • 'Stalkerware' phone spying apps have escaped Google's ad ban

    Several companies offering phone-spying apps — known as "stalkerware" — are still advertising in Google search results, despite the search giant's ban that took effect today, TechCrunch has found. One of the biggest actions to date came last month when Google announced an updated ads policy, effectively banning companies from advertising phone-snooping apps "with the express purpose of tracking or monitoring another person or their activities without their authorization." Google gave these companies until August 11 to remove these ads.

  • Zin Boats reinvents the electric speedboat in a bid to become the Tesla of the sea

    The automotive industry is knee deep in the vast transition to electric, but one place where gas is still going strong is out on the water. Seattle startup Zin Boats wants to start what you might call a sea change by showing, as Tesla did with cars, that an electric boat can be not just better for the planet, but better in almost every other way as well. Piotr Zin, the company's namesake, has been designing racing sailboats for 20 years, while working in industrial design at BMW, GM and other major companies.