Australia’s consumer regulator is taking Facebook to court, alleging it misled and deceived users with an app that purported to offer data privacy services but actually monitored users for the tech giant’s commercial benefit.

According to the ACCC, the mobile app, known as Onavo Protect and pushed by Facebook as a VPN and data usage tool, used significant amounts of users’ personal activity data for Facebook’s market research, including identifying potential future acquisition targets.

The data collected and used included records of every app users accessed and the number of seconds each day they spent using those apps, according to the regulator.

An Onavo advertisement positioning the Facebook app as a privacy tool. Source: ACCC

“Through Onavo Protect, Facebook was collecting and using the very detailed and valuable personal activity data of thousands of Australian consumers for its own commercial purposes, which we believe is completely contrary to the promise of protection, secrecy and privacy that was central to Facebook’s promotion of this app,” ACCC Chair Rod Sims said today.

Update: Facebook declined to answer specific questions because the matter is now before the court but a spokesperson told Which-50 it will defend its position.

“When people downloaded Onavo Protect, we were always clear about the information we collect and how it is used,” the  Facebook company spokesperson said. “We’ve cooperated with the ACCC’s investigation into this matter to date. We will review the recent filing by the ACCC and will continue to defend our position in response to this recent filing.”

Onavo Protect was developed by an Israeli mobile web analytics company acquired by Facebook in 2013. The app routed users’ online activity through private servers, securing their privacy and allowing data usage to be easily monitored. 

While it was marketed as a privacy and security tool, a 2017 Wall Street Journal expose revealed Facebook was using the data to monitor users, and the information informed its decision to buy WhatsApp for US$19 billion in 2014.

US regulators, who this month sued Facebook for illegally maintaining a monopoly through anticompetitive conduct including a systematic strategy to buy up smaller rivals, made the same complaints about Onavo Protect in its filing documents.

Apple has also raised concerns about the app’s covert activity, banning Onavo Protect from its App Store in August 2018. It was later removed from the Google Play store and discontinued in 2019. 

Sims steps in

In the latest sign Australia’s most feared regulator is moving into data privacy, the ACCC today said it is taking Facebook, Inc. and two of its subsidiaries to Federal Court over Onavo Protect.

ACCC Chair Rod Sims. Source:

According to the ACCC, the Facebook owned app harvested Australian consumers data between 1 February 2016 and October 2017 while promising to “save,measure and protect” user data.

“Consumers often use VPN services because they care about their online privacy, and that is what this Facebook product claimed to offer. In fact, Onavo Protect channelled significant volumes of their personal activity data straight back to Facebook,” said the ACCC’s Sims.

“We believe that the conduct deprived Australian consumers of the opportunity to make an informed choice about the collection and use of their personal activity data by Facebook and Onavo.”

The ACCC is seeking declarations and pecuniary penalties.

Previous post

Xinja abandons retail banking

Next post

Oracle's cloud to manage US COVID-19 vaccination program