Instagram may track user data and behavior through its in-app browser; Meta Responds: Report

The Instagram app can track every user interaction – including all form inputs such as password, address, per tap, text selection, and screenshots – with external websites accessed through the platform’s in-app browser, according to a report. The Instagram app is said to have injected JavaScript code into every web page displayed, including when an ad is clicked, which allows the company to track all user interactions. According to Meta, the script that the Instagram app includes helps the company “aggregate events” and respect users’ App Tracking Transparency (ATT) opt-out.

According to a blog post by Felix Krause, owner of fastlane – an open source platform that aims to simplify Android and iOS implementation – Instagram apps inject their JavaScript code into every web page displayed, including when an ad is clicked, within the app. The inclusion of custom scripts on third-party websites allows the platform to “monitor all user interactions, like every button and link clicked, text selection, screenshots, etc. as well as any form inputs, such as passwords, addresses, and credit card numbers” without the user’s consent.

In layman’s terms, when you tap a website link, swipe up, or a link to buy anything through an Instagram ad, it opens an in-app browser window instead. because open in default browser (Google Chrome, The hunt, among others) that you have placed on your phone. According to the blog, the Instagram app injects their JavaScript code into every web page displayed, allowing them to “track everything that happens on external sites – without consent from the user or the site provider.” web” – when you are using the website opened in Instagram by -Browser app.

App tracking transparency feature in iOS 14.5 allows users to decide which apps have permission to track their data. Meta It is reported that this has cost the company $10 billion (approximately Rs. 80,000 crore) per year. The blog notes that to be safe from tracking, users can copy and open the link in their favorite browsers. Apple Safari web browser blocks third-party cookies by default, Google Chrome will soon start removing third-party cookies and Firefox’s recently-announced Total Cookie Protection will prevent any cross-site tracking.

Meanwhile, Meta responded to Krause saying that the included script is “not a Meta Pixel” – a piece of JavaScript code that allows tracking of visitor activity on a website. Meta says it’s a pcm.js script, “which aggregates events, i.e. online purchases, before those events are used for advertising and targeting for the Facebook platform.” Meta also states that the included script respects the user’s choice to opt-out of Application Tracking Transparency (ATT) “only appropriate if the rendered web page has Meta Pixels Settings.” ATT is an iOS framework that requires all iOS apps to ask users for permission to share their data.

Krause says he went back to Meta to ask for more details about the same thing. However, he points out that all of this (entering the code and respecting the user’s ATT choice) “would not have been necessary if Instagram had opened the phone’s default browser, rather than building and using the browser’s default browser.” custom in-app browsing”.

Source link


News7F: Update the world's latest breaking news online of the day, breaking news, politics, society today, international mainstream news .Updated news 24/7: Entertainment, the World everyday world. Hot news, images, video clips that are updated quickly and reliably

Related Articles

Back to top button