Facebook secretly obtained proprietary data from competitors, including Snapchat, according to newly unsealed court documents.
At the request of CEO Mark Zuckerberg, Facebook officials developed a program called In-App Action Panel (IAAP) that they deployed in 2016, and the program was in use through mid-2019, according to the documents, which include internal emails.
The program used cyberattacks to intercept information from Snapchat, YouTube, and Amazon. The program then decrypted the information.
The lawyers, representing plaintiffs in a lawsuit that accuses Facebook of anti-competitive behavior, were describing emails they obtained through discovery.
“Given how quickly they’re growing, it seems important to figure out a new way to get reliable analytics about them,” he wrote. “Perhaps we need to do panels or write custom software. You should figure out how to do this.”
After Facebook employees started working on figuring it out, Facebook Chief Operating Officer Javier Olivan wrote that the program could pay users to let Facebook “install a really heavy piece of software (that could even do man in the middle, etc.).”
“Man in the middle” is a type of cyberattack during which attackers secretly intercept information.
“We are going to figure out a plan for a lockdown effort during June to bring a step change to our Snapchat visibility,” Guy Rosen, founder of Onavo, later wrote. “This is an opportunity for our team to shine.”
Onavo was started in Israel and bought by Facebook in 2013.
In a presentation on the program when it was being finalized, it was stated that “kits” could be installed to intercept traffic for specific sub-domains, allowing Facebook to read what would otherwise be encrypted traffic and measure in-app usage.
Documents and testimony obtained in the case show that the program began in June 2016 and continued being used through 2019.
The program initially targeted Snapchat but was later expanded to Google’s YouTube and Amazon, according to the documents.
The information gained by the program helped inform Facebook’s product designs, according to Facebook employees. Those products “[hampered] Snap’s ability to sell ads,” one Snapchat executive said in a deposition for the case.
Snapchat, Google, and Amazon did not return requests for comment.
Mr. Zuckerberg, in another deposition, refused to answer questions about the program. He indicated that he might answer questions if he was given an opportunity to review the documents.
Violation of Law
Facebook’s actions amounted to wiretapping and violated federal law, lawyers say.The Electronic Communications Privacy Act of 1986, sometimes known as the Wiretap Act, bars people from intercepting any “wire, oral, or electronic communication” and from intentionally disclosing the contents of information that was illegally intercepted.
Facebook’s program does not fall within exceptions outlined in the law, particularly because Snapchat did not approve the interception and decryption of its information, they said. Snapchat’s contact with users prohibits the behaviors in which Facebook engaged.
Meta did not respond to a request for comment.
Netflix Nexus
Reed Hastings, chairman of Netflix’s board of directors, also served on Facebook’s board for years.Plaintiffs have attempted to secure documents and a deposition from Mr. Hastings, but he has refused so far, according to other filings. The plaintiffs asked the court to force Mr. Hastings to comply with subpoenas.
The plaintiffs separately said they asked Netflix for materials but that Netflix had produced only 54 documents, “all of which are collateral (at best) to the issues Advertisers asked for documents on, and none of which fall within the clearly defined categories of documents that Advertisers repeatedly told Netflix were at the core of what was sought for Advertisers’ case.”
Netflix and Facebook have a yearslong relationship that includes Netflix’s spending tens of millions of dollars on Facebook advertising and Facebook’s granting Netflix unique access to its data, the filings noted.
The plaintiffs asked the court to compel Netflix to produce relevant documents.
Netflix did not respond to a request for comment.
