In 2016, Facebook launched a secret project aimed at intercepting and decrypting network traffic between people using the Snapchat app and its servers. The purpose, according to newly released court documents, was to understand user behavior and help Facebook compete with Snapchat. Facebook called it “Project Ghostbusters,” an obvious reference to Snapchat's ghostly logo.
A federal court in California on Tuesday released new documents discovered as part of a class action lawsuit between consumers and Facebook's parent company Meta.
The newly published documents show how Meta tried to gain a competitive advantage over its competitors, including Snapchat and later Amazon and YouTube, by analyzing network traffic to determine how users interacted with those competitors. Given that these apps use encryption, Facebook had to develop special technology to get around it.
One of the documents details Facebook's Project Ghostbusters. The project was part of the company's In-App Action Panel (IAPP) program, which used a technology that “intercepts and decrypts” encrypted app traffic from users of Snapchat, and later of YouTube and Amazon, the consumers' attorney wrote in the documents.
This document includes internal Facebook emails discussing the project.
“When someone asks a question about Snapchat, the answer is usually that the traffic is encrypted and cannot be analyzed,” Meta CEO Mark Zuckerberg wrote in an email dated June 9, 2016, which was made public as part of the lawsuit. “Given how quickly they're growing, it seems important to find new ways to get reliable analysis about them. Perhaps you'll need to create a panel or write custom software. You should find a way to do this.”
Facebook engineers' solution was to use Onavo, a VPN-like service that Facebook acquired in 2013. Facebook shut down Onavo in 2019 after a TechCrunch investigation revealed that Facebook had been secretly paying teenagers to use Onavo so that the company could access all of their web activity.
After Zuckerberg's email, the Onavo team took on the project and proposed a solution a month later: a so-called kit that can be installed on iOS and Android, intercepts traffic on specific subdomains and is “capable of reading encrypted traffic. We can measure in-app usage,” a July 2016 email said. “This is a ‘man in the middle’ approach.”
A man-in-the-middle attack (now also known as adversary-in-the-middle) is an attack in which a hacker intercepts internet traffic flowing across a network from one device to another. If the network's traffic is not encrypted, this type of attack allows hackers to read the data inside it, such as usernames, passwords, and other in-app activity.
Given that Snapchat encrypts traffic between the app and its servers, this network analysis technique would not be effective. This is why a Facebook engineer suggested using Onavo. When enabled, Onavo had the advantage of being able to read all of the device's network traffic before it was encrypted and sent over the internet.
“You can now measure detailed in-app activity” from “Snapchat Analytics [sic] collected from sponsored participants in Onavo’s research program,” another email reads.
Facebook has since expanded the program to Amazon and YouTube, according to court documents.
Within Facebook, there was no consensus on whether Project Ghostbusters was a good idea. Some employees, including Facebook's then-head of infrastructure engineering Jay Parikh and then-head of security engineering Pedro Canahuati, expressed concerns.
“I can't think of a good argument as to why this is okay. No matter what buy-in we get from the public, security personnel will never be happy with this. I have no idea how that works,” Canahuati wrote in an email included in court documents.
In 2020, Sarah Grabert and Maximilian Klein filed a class action lawsuit against Facebook, alleging that the company lied about its data collection activities and misused data it “deceptively extracted” from its users to identify its competitors and compete unfairly against these startups.
An Amazon spokesperson declined to comment.
Google, Meta and Snap did not respond to requests for comment.