.png)
Recently released court documents provide detailed information on how Meta, formerly known as Facebook, managed to intercept the internet traffic of Snapchat users in 2016. Utilizing the Onavo VPN, which Meta acquired in 2013, the American tech giant was able to carry out this operation.
The documents reveal that Meta established an internal program known as the In-App Action Panel. Allegedly developed at the request of Meta's CEO, Mark Zuckerberg, this program employed a man-in-the-middle attack to redirect the internet traffic of Snapchat users to Meta servers through the Onavo VPN. This confirmation comes after years of speculation and rumors surrounding the company's practices.
According to the documents, Meta's servers were equipped with fake certificates posing as Snapchat's analytics servers. This deceptive tactic granted Meta access to encrypted internet traffic that was not intended for the company, allowing them to monitor and analyze how Snapchat users interacted with the app.
Initially focusing on Snapchat users in 2016, Meta expanded its surveillance efforts in 2017 and 2018 to include encrypted internet traffic to and from YouTube and Amazon servers using the same method. The objective was to gain a competitive edge over rival services, leading to allegations from prosecutors that Meta violated the Wiretap Act, which prohibits unauthorized interception of electronic communications.
The court documents validate previous reports by The Wall Street Journal in 2017, which claimed that Meta was monitoring competitor Snapchat through the Onavo Protect app. By that time, the app had amassed over 24 million individual downloads, with its privacy policy disclosing the collection of internet traffic data, including message content. Israel-based VPN service Onavo was acquired by Meta in 2013, though the company decided to discontinue the app in 2019.
English (US)