Mark Zuckerberg-led Meta Platforms Inc.
What Happened: The project, codenamed "Project Ghostbusters," was launched in 2016 and was aimed at understanding user behavior and gaining a competitive advantage over Snapchat and other rivals, reported TechCrunch, citing newly unsealed court documents on Tuesday.
The documents were revealed as part of a class-action lawsuit between consumers and Meta, Facebook's parent company.
As per the documents, the project was part of Facebook's In-App Action Panel or IAPP program, which used a technique for "intercepting and decrypting" encrypted app traffic from users of Snapchat, and later from users of Alphabet Inc.'s
Facebook's engineers allegedly used Onavo, a VPN-like service that Facebook acquired in 2013, to bypass the encryption. The project was later expanded to include Amazon and YouTube.
The document included internal emails, one of which was from Zuckerberg, dated June 9, 2016. In the email, Zuckerberg reportedly wrote, "Whenever someone asks a question about Snapchat, the answer is usually that because their traffic is encrypted, we have no analytics about them," adding, "Given how quickly they're growing, it seems important to figure out a new way to get reliable analytics about them. Perhaps we need to do panels or write custom software. You should figure out how to do this."
Following Zuckerberg's email, the Onavo team assumed responsibility for the project. Approximately one month later, they presented a proposal: kits that could be installed on iOS and Android platforms. These kits would intercept traffic for particular subdomains, enabling the team to analyze in-app usage by reading what would typically be encrypted traffic. An email from July 2016 explained, "This is a 'man-in-the-middle' approach."
Not all Facebook employees were in favor of Project Ghostbusters. Some expressed their concerns, including Jay Parikh, Facebook's then-head of infrastructure engineering, and Pedro Canahuati, the then-head of security engineering.
"I can't think of a good argument for why this is okay. No security person is ever comfortable with this, no matter what consent we get from the general public. The general public just doesn't know how this stuff works," Canahuati wrote in an email, which is included in the court documents.
Meta did not immediately respond to Benzinga's request for comments.
In 2020, a class-action lawsuit was filed against Facebook, alleging that the company lied about its data collection activities and exploited the data it "deceptively extracted" from users to identify competitors and then unfairly fight against these new companies.
Why It Matters: This revelation comes amid a series of legal challenges Meta faces. Earlier this month, a U.S. appeals court rejected Meta's bid to halt a privacy investigation by the Federal Trade Commission or FTC.
Meta Platforms has also been slapped with a $600 million lawsuit by a Spanish media association, accusing the tech giant of engaging in unfair competition within the advertising market. In February, the company was hit by a $3.8 billion lawsuit in the U.K. over its data collection practices.
Just last week, it was reported that Meta Platforms was facing a class-action lawsuit over allegations that the company misrepresented the audience size for its Facebook and Instagram advertising services.
