When Meta was still called Facebook, the firm repeatedly engaged in incredibly intrusive tracking of its users. However, apparently, the firm has not given up on tracking its users as much as possible – including on the iPhone, when the privacy protection features are active.
Normally, third-party applications that integrate a web browser must use the WebKit component integrated into iOS. Browser specially designed to minimize tracking by third-party applications. Nevertheless researcher Felix Krause realized that Facebook and Instagram actually use an in-house component instead of WebKit.
Felix Krause explains, quoted by WWCFTech: “the Instagram application injects their tracking code on each site that is displayed, even when ads are clicked, which allows them to observe all user interactions, including all links and buttons on which they click, what text they select, but also take screenshots, or suck everything entered into forms, such as passwords, addresses and credit card numbers”.
Fortunately, as Felix Krause notes, several safeguards limit intrusion into users’ privacy, even if this practice is in itself questionable. The Instagram and Facebook browser is only able to spy on what the user does when he clicks on a link or an advertisement from the firm’s applications.
Read also – Meta (Facebook): turnover is falling, what is happening?
Moreover, even though Felix Krause claims that Facebook and Instagram can suck your passwords and payment card numbers, there is no evidence that Meta is interested in this data. In fact, the biggest problem, in the end, is that Meta still plays on the sly of the explicit consent provided for by the GDPR as well as the systems put in place by companies like Apple to protect the privacy of users.