MacDirectory Magazine

The Photo Issue

MacDirectory magazine is the premiere creative lifestyle magazine for Apple enthusiasts featuring interviews, in-depth tech reviews, Apple news, insights, latest Apple patents, apps, market analysis, entertainment and more.

Issue link: https://digital.macdirectory.com/i/1481697

Contents of this Issue

Navigation

Page 20 of 133

Social media platforms have had some bad press in recent times, largely prompted by the vast extent of their data collection. Now Meta, the parent company of Facebook and Instagram, has upped the ante. Not content with following every move you make on its apps, Meta has reportedly devised a way to also know everything you do in external websites accessed through its apps. Why is it going to such lengths? And is there a way to avoid this surveillance? ‘Injecting’ code to follow you Meta has a custom in-app browser that operates on Facebook, Instagram and any website you might click through to from both these apps. Now ex-Google engineer and privacy researcher Felix Krause has discovered this proprietary browser has additional program code inserted into it. Krause developed a tool that found Instagram and Facebook added up to 18 lines of code to websites visited through Meta’s in-app browsers. This “code injection” enables user tracking and overrides tracking restrictions that browsers such as Chrome and Safari have in place. It allows Meta to collect sensitive user information, including “every button and link tapped, text selections, screenshots, as well as any form inputs, like passwords, addresses and credit card numbers” Krause published his findings online on August 10, including samples of the actual code. In response, Meta has said it isn’t doing anything users didn’t consent to. A Meta spokesperson said: We intentionally developed this code to honour people’s [Ask to track] choices on our platforms […] The code allows us to aggregate user data before using it for targeted advertising or measurement purposes. The “code” mentioned in the case is pcm.js – a script that acts to aggregate a user’s browsing activities. Meta says the script is inserted based on whether users have given consent – and information gained is used only for advertising purposes. So is it acting ethically? Well, the company has done due diligence by informing users of its intention to collect an expanded range of data. However, it stopped short of making clear what the full implications of doing so would be. People might give their consent to tracking in a more general sense, but “informed” consent implies full knowledge of the possible consequences. And, in this case, users were not explicitly made aware their activities on other sites could be followed through a code injection. Why is Meta doing this? Data are the central commodity of Meta’s business model. There is astronomical value in the amount of data Meta can collect by injecting a tracking code into third-party websites opened through the Instagram and Facebook apps. At the same time, Meta’s business model is being threatened – and events from the recent past can help shed light on why it’s doing this in the first place. It boils down to the fact that Apple (which owns the Safari browser), Google (which owns Chrome) and the Firefox browser are all actively placing restrictions on Meta’s ability to collect data. Last year, Apple’s iOS 14.5 update came alongside a requirement that all apps hosted on the Apple app store must get users’ explicit permission to track and collect their data across apps owned by other companies. Meta has publicly said this single iPhone alert

Articles in this issue

Archives of this issue

view archives of MacDirectory Magazine - The Photo Issue