Recent revelations from unsealed court documents have uncovered a covert initiative orchestrated by Facebook back in 2016, known internally as "Project Ghostbusters."
This operation now emerges into the light, shedding new insights into the inner workings of one of the world's most influential tech giants.
Unveiling Project Ghostbusters
Project Ghostbusters aimed to intercept and decrypt the encrypted network traffic between users of Snapchat's app and its servers. By delving into this encrypted data, Facebook hoped to gain valuable insights into user behavior, ultimately seeking to enhance its competitive position against Snapchat.
These revelatory court papers, unearthed during an ongoing class action lawsuit between consumers and Meta, Facebook's parent company, offer a glimpse into Meta's concerted efforts to gain a strategic advantage over its rivals, including Snapchat, Amazon, and YouTube.
To achieve this goal, TechCrunch reported that Meta extensively analyzed the network traffic patterns of its users as they engaged with competing platforms.
However, the encryption employed by these apps posed a significant obstacle, necessitating the development of specialized technology by Facebook engineers to circumvent these security measures.
Project Ghostbusters was a crucial component of Meta's broader In-App Action Panel (IAPP) program. This program involved intercepting and decrypting encrypted app traffic, initially focusing on Snapchat users before later extending to YouTube and Amazon users.
Addressing Snapchat's Encryption Challenge
In a notable email exchange dated June 9, 2016, Meta's CEO, Mark Zuckerberg, expressed his concerns regarding the lack of analytics stemming from Snapchat's encrypted traffic.
Zuckerberg emphasized the urgency of obtaining reliable data analytics, particularly in light of Snapchat's rapid growth. He proposed exploring alternative methods, such as implementing panels or developing custom software, to address this pressing challenge.
In response to Zuckerberg's directive, Facebook engineers devised a solution centered around utilizing Onavo, a VPN-like service acquired by Facebook in 2013. However, this approach faced scrutiny in 2019.
The investigation uncovered Facebook's covert practice of incentivizing teenagers to use Onavo, enabling the company to access its entire web activity. Consequently, Facebook discontinued Onavo to address privacy concerns and regulatory scrutiny.
Subsequently, the Onavo team embarked on the task of developing "kits" that could be installed on both iOS and Android devices. These kits were designed to intercept traffic for specific subdomains, allowing Facebook to bypass encryption and analyze in-app usage.
This approach, known as a "man-in-the-middle" technique, enabled Facebook to gather crucial data that was previously obscured by encryption protocols.
Despite the encryption employed by Snapchat for app-to-server traffic, Facebook engineers found a way to leverage Onavo to intercept and analyze network traffic on devices before encryption.
Another email highlighted the newfound capability to capture detailed in-app activity by parsing Snapchat analytics collected from participants incentivized through Onavo's research program.