Meta has publicly said this single iPhone alert is costing its Facebook business US$10 billion each year.Īpple’s Safari browser also applies a default setting to block all third-party “cookies”. Last year, Apple’s iOS 14.5 update came alongside a requirement that all apps hosted on the Apple app store must get users’ explicit permission to track and collect their data across apps owned by other companies. It boils down to the fact that Apple (which owns the Safari browser), Google (which owns Chrome) and the Firefox browser are all actively placing restrictions on Meta’s ability to collect data. There is astronomical value in the amount of data Meta can collect by injecting a tracking code into third-party websites opened through the Instagram and Facebook apps.Īt the same time, Meta’s business model is being threatened – and events from the recent past can help shed light on why it’s doing this in the first place. 9h0PIoIOSS- Felix Krause AugWhy is Meta doing this? Image: KnowTechieĭata are the central commodity of Meta’s business model. However, this doesn’t change anything about my publication: The Instagram iOS app is actively injecting JavaScript code into all third party websites rendered via their in-app browser. People might give their consent to tracking in a more general sense, but “informed” consent implies full knowledge of the possible consequences.Īnd, in this case, users were not explicitly made aware their activities on other sites could be followed through a code injection.įacebook reached out to me, saying the system they’ve built honours the user’s ATT choice. However, it stopped short of making clear what the full implications of doing so would be. So is it acting ethically? Well, the company has done due diligence by informing users of its intention to collect an expanded range of data. Meta says the script is inserted based on whether users have given consent – and information gained is used only for advertising purposes. The “code” mentioned in the case is pcm.js – a script that acts to aggregate a user’s browsing activities. We intentionally developed this code to honour people’s choices on our platforms The code allows us to aggregate user data before using it for targeted advertising or measurement purposes. In response, Meta has said it isn’t doing anything users didn’t consent to. Krause published his findings online on August 10, including samples of the actual code. It allows Meta to collect sensitive user information, including “every button and link tapped, text selections, screenshots, as well as any form inputs, like passwords, addresses and credit card numbers”. This “code injection” enables user tracking and overrides tracking restrictions that browsers such as Chrome and Safari have in place. Krause developed a tool that found Instagram and Facebook added up to 18 lines of code to websites visited through Meta’s in-app browsers. READ MORE: FTC lawsuit exposes major privacy risk, and it’s your phone’s fault Now ex-Google engineer and privacy researcher Felix Krause has discovered this proprietary browser has additional program code inserted into it. Meta has a custom in-app browser that operates on Facebook, Instagram and any website you might click through to from both these apps. Why is it going to such lengths? And is there a way to avoid this surveillance? ‘Injecting’ code to follow you Not content with following every move you make on its apps, Meta has reportedly devised a way to also know everything you do in external websites accessed through its apps. Now Meta, the parent company of Facebook and Instagram, has upped the ante. Social media platforms have had some bad press in recent times, largely prompted by the vast extent of their data collection.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |