Facebook users are suing Meta for tracking them through a loophole in iOS

In context: Last year, Apple released a security update that restricted third-party apps from trying to track user data and behavior. While most apps adhered to the restrictions, Meta reportedly skirted the limits with Facebook, allegedly tracking users far beyond what Apple allows.

Despite being past its prime, Facebook is still one of the most downloaded programs on the App Store. Statistics from Apptopia show that users downloaded the Facebook app more than 416 million times across all devices in 2021. While it may not match TikTok’s staggering 656 million downloads, Facebook’s numbers are still outstanding. for a website that started in 2004.

Due to the large number of downloads, there is a greater emphasis on security for millions of people. If any company knows a thing or two about user privacy, it’s Apple. Apple has always prioritized protecting users and their data, especially tested by a landscape-altering privacy update the company released in 2021.

One notable change in this privacy movement was allowing users to opt out of having their activities in apps tracked. This policy dealt a serious blow to companies like Meta, which used customer data for targeted advertising. Meta could lose an estimated $12.8 billion in 2022 from these changes alone, according to Lotame.

So Meta decided to look for a loophole, hoping to find a way to retrieve the user’s information once again. The solution she came up with was to open a browser built right into the app instead of using Safari every time users clicked on links. The company believed this would bypass Apple’s strict privacy restrictions and allow it to track at will.

A couple of Facebook users recently filed a class action lawsuit against Meta for using this loophole. The lawsuit claims that Meta’s built-in browser injects JavaScript code into any site they visit within the browser. The plaintiffs believe that this circumvention violates Apple’s privacy rules. Worse yet, the lawsuit claims the workaround could violate state and federal laws, including the Wiretap Act.

This code injection allows Meta to track “all interactions within external sites,” including touch locations and any text the user types, including passwords. Since users do not explicitly consent to embedded browser data tracking, this becomes a significant privacy issue.

A spokesperson for Meta said the allegations were “baseless” and stated: “We have carefully designed our in-app browser to respect users’ privacy choices, including how data may be used for ads.”

We covered a similar issue last month involving TikTok doing the same thing. Like TikTok, Meta came up with an excuse that doesn’t absolve them of wrongdoing.

Felix Krause, an online security researcher, has published reports about other apps that have done this in the past, including Facebook. He insists that Meta should send people to Safari or another external browser to bridge the gap and avoid potential repercussions.

Leave a Comment