Onavo & Research App
This is less of a blunder than, arguably, planned deviousness. Facebook, on two occasions, collected massive amounts of personal data on users of its first-party VPN apps. The first was an app called Onavo, which Apple pulled from its App Store when news spread of its data collection policies. The second, and perhaps more notable, was a Facebook research app that the social media giant convinced teens to side-load on their devices.
The app itself was a clear violation of Apple’s developer policies, particularly since it bypassed the App Store entirely by using an enterprise certificate meant solely for in-house apps. Apple responded by pulling that certificate, which reportedly caused chaos at Facebook HQ since it broke critical internal software.