Sidebar Sidebar
Become a MacRumors Supporter for $50/year with no ads, ability to filter front page stories, and private forums.

Analysis Suggests Instagram Tracks User Web Activity Through In-App Browser

Whenever you click on an external link in the Instagram app, just tap on the dots on the top right side of the screen and choose 'Open in browser' and you've left their in-app browser.
 
  • Like
  • Love
Reactions: bunnyhero and srbNYC
ponzicoinbro said:
No surprise.

And guess what?

FB tracks everyone who doesn’t even use their apps.

Look at your browser cookies and you will see.

Clear your browser cookies and see again after a couple of hours of random surfing.
Click to expand...
Correct, I don't have an account with any of the Meta products and still have Facebook cookies in my browser despite never visiting that site. For fun, I just deleted the Facebook cookies and they were back 10 minutes later. The only site I'm browsing is MacRumors and I have an ad-blocker installed. What does that tell us?
 
Last edited:
  • Like
  • Wow
Reactions: bunnyhero and ponzicoinbro
I was in the belief that even an in-app browser should use iOS webkit for render the pages...seems I was wrong.
 
Last edited:
  • Like
Reactions: VulchR
Smoovejayy said:
I always figured that was the case when using any in-app browser, that's why I opt to open any of those links in the actual browser, not inside the app's browser.
Click to expand...
How? They removed that option from the Facebook app a while ago
 
diego.caraballo said:
I was in the belief that even an in-app browser should use iOS webkit for render the pages...seems I was wrong.
Click to expand...

No; you were right. You may have missed this line in the original article:

MacRumors said:
With their custom-built browser, still based on WebKit, Instagram and Facebook inject a tracking JavaScript code named "Meta Pixel" into all links and websites shown.
Click to expand...

(emphasis added for clarity)
 
  • Like
Reactions: diego.caraballo
chenks said:
How? They removed that option from the Facebook app a while ago
Click to expand...
I almost never use their app... but I use iOS quite a bit, and I suspect they didn't so much remove the option, as obfuscate it. Try looking under the "share" option, and you should find various browser options.

Of course, that still means that Facebook is tracking you on your way out the door, and likely has cookies to continue tracking you on the destination website when you get there. So, ya know.
 
Deleted my accounts and those apps years ago. As well as not using google for anything. If there was a competitive alternative for YouTube I would ditch that too.
 
  • Like
Reactions: SFjohn
No surprise at all. They want all your personal info.

They FORCE in-app browser and don’t even allow to copy the link to paste elsewhere.

I think Yelp does the same thing. You can’t force touch and copy the link. No, you have to open their in-app browser. THEN you can open in Safari.

Also, Instagram in-app browser disables all the safari ad/tracking blockers.

They are terrible. 👎
 
  • Like
Reactions: SFjohn and TheYayAreaLiving 🎗️
I removed all social media apps from my smartphone years ago. Use them in a browser when you really have to, otherwise they are just designed to function like cancer, and make money only when people spend hours on them every day.
 
contacos said:
I wonder why the EU isn’t looking more into all this ad tracking stuff when they are supposed to be so „pro user“ and privacy concerned.

Open any app with a vpn blocker and you will see that basically any app has some Facebook Graph crap installed, even if you don’t use Facebook or instagram
Click to expand...
The EU is pro-politics, for sale to those who pay to play. They couldn't care less about actual consumer advocacy or protection. Look up how many billions the EU has "lost" or is otherwise "unaccounted for" over the years.
 
  • Like
Reactions: Luis Glez and namavadhuta
McScooby said:
Oof, I always figured the browser was a sandboxed thing, think I’m feelin a lil bit sick now!🤮
Click to expand...
The app itself is sandboxed, but the ability for a browser to run code from the server is essential to what a browser does. This Meta Code is still inside the Instagram app sandbox, so it can’t reach out into your phone and steal other data or look into what type of phone you are using. All Facebook (🤦‍♂️ Meta) does is essentially tag your instance of Instagram with its own unique identifier, which it then uses to track you.

This is in part why Apple only allows its own browser… a browser can be greatly abused from a privacy and security perspective.
 
  • Like
Reactions: VulchR and SFjohn
I can’t say as though I’m surprised at all. It was obvious that they deliberately weren’t using SafariWebView (which has been around for almost 7 years at this point), and it seemed pretty likely it was for nefarious purposes. I figured they were doing exactly that. That, and they wanted to lock you out of using the system share sheet so you couldn’t just shuttle that link you found on Facebook right off to Twitter or some other service. (Twitter was doing something similar for the longest time [re: the share sheet] back then, but it’s legitimately been about six years since I started to step back from Twitter, so I couldn’t tell you what dark patterns the app’s currently forcing on users.)

I only use Facebook in the browser, and in a private browsing session at that. Actually, I always use private browsing on my phone (except for MacRumors, where I use iCabMobile).
 
Resistance is futyle

1B4D387B-4A62-446C-92E4-F03B0020D460.jpeg
 
  • Haha
Reactions: kc9hzn
You must log in or register to reply here.
Register on MacRumors! This sidebar will go away, and you'll see fewer ads.
Top Bottom
Back