Facebook Spied on Users' Snapchat Traffic

A covert operation undertaken by Facebook, known internally as "Project Ghostbusters," has been exposed, revealing the company performed secret surveillance on Snapchat's network traffic. This was done to covertly analyze user behavior and gain a competitive edge. Initiated in 2016, this secretive endeavor was later expanded to include Amazon and YouTube. The project utilized technology from the Facebook-acquired VPN service Onavo, which allowed for the decryption of secured app traffic.

The operation came to light through court documents relevant to a class-action lawsuit against Facebook's parent company, Meta. Mark Zuckerberg, in a 2016 email highlighted by TechCrunch, emphasized the need for Facebook to gain insights into Snapchat's growing user base, stating, "Given how quickly they’re growing, it seems important to figure out a new way to get reliable analytics about them."

This led to the inception of Project Ghostbusters, which employed aggressive technological measures to intercept and decrypt SSL-protected traffic. The project involved kits developed by Onavo's team that enabled the measurement of in-app usage on iOS and Android devices through a man-in-the-middle attack.

There were internal concerns about the ethical implications of such surveillance. Pedro Canahuati, Facebook’s then-head of security engineering, expressed his discomfort with the project, stating, "No security person is ever comfortable with this, no matter what consent we get from the general public."

Project Ghostbusters adds to a series of controversies surrounding Facebook's data-gathering practices. In 2019, Facebook secretly paid teens to install a VPN which spied on their device activity. This was again in an effort to unearth data on its competitors. Facebook might sometimes be a victim of cybercrime, but it’s also been the perpetrator — both now and in the past.