Australia’s consumer regulator has launched proceedings against Facebook and its subsidiaries over virtual private network (VPN) app Onavo Protect, alleging it harvested data without users’ consent.
The Australian Competition and Consumer Commission (ACCC) said on Wednesday it was seeking to impose an unspecified fine on Facebook for engaging into “false, misleading or deceptive conduct.”
While the tech giant has been promoting Onavo Protect as a tool to “keep users’ personal activity data private,” the application turned out to be doing exactly the opposite, the watchdog claimed. The free software instead “collected, aggregated and used significant amounts of users’ personal activity data for Facebook’s commercial benefit.”
“Through Onavo Protect, Facebook was collecting and using the very detailed and valuable personal activity data of thousands of Australian consumers for its own commercial purposes, which we believe is completely contrary to the promise of protection, secrecy and privacy that was central to Facebook’s promotion of this app,” ACCC head Rod Sims said in a statement.
The app’s slogan ‘Keep it secret. Keep it safe.’ is extremely misleading and “deprived Australian consumers” of making an informed choice on whether to use the VPN application, the official added. The application was discontinued by Facebook in early 2019 following an expose by TechCrunch that said the code from the “privacy” tool was used to extensively spy on teenagers.
Facebook has denied all the allegations, insisting that it was “always clear about the information we collect and how it is used.”
“We will review the recent filing by the ACCC and will continue to defend our position in response to this recent filing,” a Facebook spokeswoman said, as cited by Reuters.
The move is the latest in a recent string of actions undertaken by governments worldwide against big tech companies. Last week, the US Federal Trade Commission (FTC) sued Facebook over an alleged breach of antitrust legislation. The lawsuit claims the company has been “illegally maintaining its personal social networking monopoly” and indulged in “a years-long course of anticompetitive conduct.”
While the US action may result in forcing Facebook to sell its assets, European nations have been more preoccupied with the mishandling of user data by big tech. On Tuesday, Twitter became the first company to be punished under the EU’s new General Data Protection Regulation (GDPR), with Ireland’s Data Protection Commission (DPC) slapping the company with a €450,000 ($547,000) fine. The penalty stemmed from a 2019 incident that saw private tweets posted by Android app users exposed to the general public and Twitter’s failure to provide a timely report on the breach.
Think your friends would be interested? Share this story!