Privacy researcher Felix Krause warns that Instagram and Facebook apps track what people do when they browse third-party websites without their permission.
Krause, a former Google engineer, wrote in a blog Wednesday that the iOS app embeds code on every website viewed and uses a “private in-app browser” instead of the built-in Safari to track the activity of users.
Krause wrote that the app does this “without the consent of the user or the site provider.”
The researcher emphasized that Instagram cannot identify the exact data it tracks, but that these in-app browsers allow tracking of everything the user does on the website, including “every click” and “ -behavior scroll.”
He added that such scanners could be used to steal sensitive data such as home addresses.
Instagram’s parent company, Meta, told the Guardian on Thursday that injecting the tracking code was in line with its choices about whether to allow apps to follow them.
A company spokesperson said: “We developed this icon to honor people’s choices. [اطلب التتبع] on our platforms. The code allows us to collect user data before using it for targeted advertising or measurement purposes.”
“For in-app browser purchases, we ask for user permission to save payment information for autofill purposes,” the spokesperson said.
In response to Meta’s statement, Krause said that this practice “still puts the user at great risk” and that “there is no way to disable the in-app private browser.”
Commenting on the privacy report released last month, Meta said its goal is to “achieve a balance between privacy and integrity when using people’s data to minimize bad experiences with our technologies.”
Source: RT
Source: Arabic RT
