Meta tried to gain a competitive advantage over its competitors, including Snapchat and later Amazon and YouTube, by analyzing the network traffic of how its users were interacting with Meta’s competitors. Given these apps’ use of encryption, Facebook needed to develop special technology to get around it.

Facebook’s engineers solution was to use Onavo, a VPN-like service that Facebook acquired in 2013. In 2019, Facebook shut down Onavo after a TechCrunch investigation revealed that Facebook had been secretly paying teenagers to use Onavo so the company could access all of their web activity.

After Zuckerberg’s email, the Onavo team took on the project and a month later proposed a solution: so-called kits that can be installed on iOS and Android that intercept traffic for specific subdomains, “allowing us to read what would otherwise be encrypted traffic so we can measure in-app usage,” read an email from July 2016. “This is a ‘man-in-the-middle’ approach.”

A man-in-the-middle attack — nowadays also called adversary-in-the-middle — is an attack where hackers intercept internet traffic flowing from one device to another over a network. When the network traffic is unencrypted, this type of attack allows the hackers to read the data inside, such as usernames, passwords, and other in-app activity.

    • jupiter_jazz@lemmy.dbzer0.com
      link
      fedilink
      English
      arrow-up
      1
      ·
      7 months ago

      Is there a case law that you know about that supports this? I ask, sincerely, because every one that I know of that deals with dmca was a copyright case. Wiretap act or section 5 of the FTC act, sure, but dmca?

      • knightly the Sneptaur@pawb.social
        link
        fedilink
        English
        arrow-up
        3
        ·
        7 months ago

        The DMCA specifically prohibits breaking or bypassing any kind of access controls.

        The only way this could not be a DMCA violation is if they only ever used it to monitor traffic for their own subdomains.

      • Aniki 🌱🌿@lemm.ee
        link
        fedilink
        English
        arrow-up
        3
        ·
        edit-2
        7 months ago

        Mate, the whole point of Snapchat, the application, is limiting, digitally, the rights of your friends and others to view your photo, with a built in expiration on those rights. If you think the DMCA doesn’t apply then you’re out of your fucking mind. Copyright is granted to the photographer the second you press the shutter button.

        EULA:

        Copyright Policy

        This section describes how to provide notice to Snapchat of content on Snapchat that infringes the intellectual property rights of another and Snapchat’s rights with respect to that notice. Snapchat respects the intellectual property rights of others. In accordance with the Digital Millennium Copyright Act (“DMCA”) and other applicable laws, we have adopted a policy of, upon notice, restricting access to or deleting content that infringes a third party’s copyright and, in appropriate circumstances and in our sole discretion, terminating account holders or other users of the Services who are deemed to be repeat infringers of a third party’s copyrighted work.

        If you believe that anything on the Services infringes any copyright that you own or control, you may file a notice of such infringement, in compliance with the requirements of 17 U.S.C. § 512©(3), with our designated agent:

        Snapchat, Inc. Attn: Copyright Agent 523 Ocean Front Walk Venice, CA 90291 copyright@snapchat.com Fax: (310) 943-1793

        • Aatube@kbin.melroy.org
          link
          fedilink
          arrow-up
          1
          arrow-down
          1
          ·
          edit-2
          7 months ago

          They’re sniffing on users’ traffic data, basically browsing history, not the works on Snapchat. Meta wasn’t caring about their photos; they were seeing how foreign platforms’ users interact.