(Credit: Glen Carrie/Unsplash)

As we come to learn more about online privacy and how our personal data may be bought and sold like stocks and bonds, we seem to find out more and more about the role that social networks can play in this market. In August, for example, Facebook had what appeared to be an innocuous VPN (virtual private network) app called Onavo -- which was quickly removed by Apple for what the latter perceived as violations of its policies about user privacy.

Judging by a new trove of documents emerging from a Facebook-related lawsuit in the UK, it appears as though Apple's concerns were warranted, CNET and others report. According to Parliament chairman Damian Collins, the Onavo app was used deliberately by Facebook to secretly collect data about other apps on the user's device, and this data was leveraged to determine Facebook's future acquisitions and other market strategies.

SEE: Will the redesigned Facebook Messenger recapture its glory?

Facebook discloses its data collection in the fine print, but the description of the app's behavior on the Google Play Store is arguably opaque: "Because we're part of Facebook, we also use this info to improve Facebook products and services, gain insights into the products and services people value, and build better experiences."

While this statement is technically true, it also doesn't communicate much concrete information. That information is now coming out in the UK report.

The Royal Bank of Canada was one of the recipients of the data collected by Onavo, according to Canadian newspaper Globe and Mail. In that case, it may be of interest to investigators that an RBC analyst spoke to CNBC about Facebook in mid-August, asserting that the social network's stock price slide was a market overreaction, adding: "I think it's the most appealing risk-reward name in large cap, maybe in tech, but certainly in internet."

Netflix, Airbnb, and Badoo were also identified in the report as services that were "whitelisted" (approved) by Facebook to obtain data about the people that the social network's users identified as friends. Facebook says that these deals were not open-ended, but it does not specify dates when such deals began or ended.

In another instance of "it takes two to tango," the 223-page report issued in the UK lawsuit also cites one instance where rideshare company Lyft asked Facebook for lists of customers' friends, ostensibly for riders to know when someone else in the vehicle happens to be a mutual friend.

While Lyft describes this as an "ice breaker" feature, Facebook users would probably want to know if their friends lists were being exported and analyzed for social interconnections. Such a feature was never publicly proposed.

Given that Facebook also owns Instagram and WhatsApp, the reach of its data collection ambitions may not be limited to Facebook itself. In which case, users who have concerns about their privacy may want to reconsider how much they use those other two platforms, if at all.

Takeaways

  • A report from the UK Parliament states that Facebook used a VPN app called Onavo to secretly collected data on other apps on the user's device, and that this data was used to decide on Facebook's future acquisitions and other market strategies.
  • According to this report, the Royal Bank of Canada was one of the recipients of Facebook's secretly collected data. In August, an RBC analyst told CNBC that Facebook's stock market slide at the time was an overreaction and that it was "the most appealing risk-reward name in large cap, maybe in tech, but certainly in internet."

Also see

Tom McNamara is a Senior Editor for CNET's Download.com. He mainly covers Windows, mobile and desktop security, games, Google, streaming services, and social media. Tom was also an editor at Maximum PC and IGN, and his work has appeared on CNET, PC Gamer, MSN.com, and Salon.com. He's also unreasonably proud that he's kept the same phone for more than two years.