Does a VPN hide data usage

Facebook spies on users of its VPN service

It is a convenient solution to a pervasive problem that the Facebook service Onavo offers its users. The mobile data volume is quickly exhausted by Facebook, Spotify and Co. Buying more data packages every month can quickly become expensive. But Facebook has help at hand: With Onavo, Android users get a better overview of their mobile data consumption. Which app uses how much data? Onavo tells you, appropriately visualized with pretty graphics. Apps can be banned from using mobile data with one click.

But Onavo can do even more. Because behind all the visualizations there is a VPN service that runs all data connections via the Onavo servers. With this, Onavo protects “personal information” and adds an “extra layer of security and encryption”, says the app description in the Google Play Store.

The iOS version of Onavo for the iPhone and iPad from Apple should also improve "security". However, the VPN service can only read unencrypted data traffic that occurs when surfing in the browser.

Onavo spies on users

That sounds practically for everyone with limited mobile data volume and a need for more security in the network. Above all, Facebook itself, which Onavo bought in 2013, benefits from this. Because the app spies on its users unrestrainedly. Instead of protecting personal data, it evaluates it for commercial purposes.

Onavo stores, analyzes and shares with Facebook which internet services and apps - in the case of Android - its users use. Onavo only informs its users about this covertly. The company does not indicate this either on the information page in the Google Play Store or in the Frequently Asked Questions. The information can only be found in the data protection guidelines, which almost no one reads. There it says (own translation):

When using the apps, you choose to route all mobile data usage through or to Onavo's servers. As a result, we receive information about you, your online activities and your device or browser when you use the service. […] Onavo can use your information to analyze how you use apps and data.

According to these guidelines, there is the option to at least partially object to the data analysis by Onavo. However, the link provided to the page with further information does not work.

Recognize new trends

Facebook uses this data, among other things, to gain information about its competitors and emerging startups, as the Wall Street Journal (Paywall) writes. Accordingly, Onavo Facebook gives a deep insight into the usage behavior of smartphone owners. The US company can quickly identify new trends, such as live streams, and integrate them into its services.

When Facebook bought Onavo in 2013, it wasn't mentioned in the official press releases. Facebook reports that the purchase of the Israeli company is an important part of its mission to connect more people to the Internet. With Internet.org (now Free Basics), Facebook wants to connect the remaining two thirds of the world's population without an Internet connection to the Internet. Critics see the technical implementation as endangering net neutrality. Onavo should help with this with its VPN service that compresses data. Techcrunch and Buzzfeed wrote back then that Facebook was primarily concerned with Onavo's technology for analyzing mobile data traffic.

When choosing a VPN provider, the general terms and conditions and the privacy policy should be observed in order to avoid nasty surprises like in the case of Onavo. The Electronic Frontier Foundation provides further information on its website.

For users of Onavo it is advisable to follow the advice from Onavo's own data protection guidelines:

If you do not want us to receive any information about you, you should uninstall the apps and stop using our services.

Would you like more critical reporting?

Our work at netzpolitik.org is financed almost exclusively by voluntary donations from our readers. With an editorial staff of currently 15 people, this enables us to journalistically work on many important topics and debates in a digital society. With your support, we can clarify even more, conduct investigative research much more often, provide more background information - and defend even more fundamental digital rights!

You too can support our work now with yours Donation.

About the author

Simon Rebiger

Simon was a journalist in the editorial team of netzpolitik.org from autumn 2015 to March 2019. He is interested in surveillance, data protection and the social impact of new technologies. He tweets as @s_phre and can be reached by email, also encrypted [57A7 8D4D 3E70 30AE A2F2 A208 616F 6CEE 7A1D 3B27].
Published 08/10/2017 at 5:55 PM