Become Express Subscriber

Facebook, Instagram inject ‘tracking code’ in in-app browser to monitor usage: Report

Facebook and Instagram apps have been using javascript code to track user-activity when they open any links with the apps' in-app browsers. Read more below.

facebook, facebook news, instagram, instagram news,While Facebook may not necessarily be using this method

When users open a link on the Facebook and Instagram apps, they’re taken to the respective page not via a browser of their choice, one installed on their phones, but via Facebook or Instagram’s in-app browser. While this may seem convenient, recent reports suggest parent company Meta may have other motives behind implementing an in-app browser for links.

As per a report by researcher Felix Krause, via Engadget, it is found that the default in-app browser on Facebook and Instagram injects ‘tracking code’ into every website it visits for you, allowing a number of elements to be monitored, likely without the user’s explicit knowledge. These include which ads you click on, which buttons you hit, text selections and more.

“The Instagram app injects their tracking code into every website shown, including when clicking on ads, enabling them to monitor all user interactions, like every button and link tapped, text selections, screenshots, as well as any form inputs, like passwords, addresses and credit card numbers,” Krause said in a blog post.

The researcher’s work mainly focused on the Facebook and Instagram apps for iOS. However, Krause noted that Facebook may not be necessarily using the javascript injection to collect sensitive data, but regardless, the approach here does seem fishy, and that’s because it lets Meta monitor usage over both unencrypted and encrypted sites; the latter is something other browsers would not allow.

In a later tweet, Krause admits that Facebook reached out to the researcher saying the system they’ve built honours the user’s ATT choice

Krause further added that communication app WhatsApp, also owned by Meta, doesn’t modify third party websites in a similar way, and suggested that Facebook and Instagram should also follow similar methods.

Subscriber Only Stories
First published on: 13-08-2022 at 10:27:39 am
Next Story

By chance, AP reporter on scene to witness Rushdie attack

Next Story