The way Facebook had implemented the system, it was 100% against Apple's T&C. Large companies can use Apple's Enterprise program to better be able to manage their own devices (such as employee iPhones). This is implemented by Apple providing Facebook (or whatever company) a secure certificate to sign their apps with. Part of the T&C of the enterprise program is that these certificates/ privileges are only to be used on internal devices. So Facebook can only install their custom applications on devices internal to the company. In order to install this data tracking application, Facebook was using their internal certificate to perform the install. Misusing that certificate was what broke Apple's T&C, and Apple de-authenticated the certificate because of it. Ironically, it killed all of the applications the Facebook had signed with that certificate, causing them to no longer work. Not a fun day to be Facebook.
Facebook could have gone through the proper process to have the app on Apple's App Store. Nothing was preventing them from doing so. Apple takes their devices security very seriously, and anytime anyone is circumventing the security they take action, especially if it is impacting their customers. I'm sure that Facebook was not completely forthcoming to the people that installed the app about the implications of their data collection. I am certain that it would have been a very long contract with lots of hidden caveats that would not be apparent to the end user. Facebook has already been under scrutiny over their own T&C. Though the end user may have agreed to it, there is discussion happening regarding whether end user's are bound, as no proof can be made whether they actually read the contract.
In terms of your comment about Apple "taking away your right", their device their rules. You, as an individual, are more than welcome to sign whatever contract you want to with Facebook or any other corporation for that matter. Because Facebook was not within the T&C of Apple's program, Apple had every right to pull the certificate. Both parties agreed to a set of rules and one party broke their agreement. Additionally, Apple maintains every right to block certain use on any iPhone. If you read the terms and conditions of using iOS, which is a requirement on an iPhone (or any i device), you will find that Apple reserves the right to govern the activity and use of the device. So, like I said earlier, you are welcome to enter into any contract you want to with Facebook, but if you are using an iPhone, Apple can say, "Not on my device you aren't."
.png)
