{
  "$type": "site.standard.document",
  "createdAt": "2022-08-10T19:30:00+01:00",
  "description": "Instagram and Facebook will track your behaviour online if you use the browsers embedded within their apps.",
  "path": "/stream/metas-in-app-browser-tracking",
  "publishedAt": "2022-08-10T19:30:00+01:00",
  "site": "at://did:plc:swxoj3wjlwodcqs5ipmvgnug/site.standard.publication/3mnv7gbn3czno",
  "tags": [
    "Web",
    "Security",
    "Apple",
    "Apps"
  ],
  "textContent": "Counterargument to yesterday's post about PWAs vs. native apps: Instagram and Facebook are injecting tracking scripts to their in-app browsers! It looks like they're doing this by using a webview, rather than the embedded Safari view, to show the web within the Instagram/Facebook app. This is eminently not a problem if you're using Instagram or Facebook in the browser, rather than using the mobile app. Similarly, if you use the \"Open in Browser\" option for links in Instagram/Facebook, they won't be able to track you there, either. The tracking code is only embedded in webviews launched by the Instagram/Facebook app. Obviously blame lies at least a little bit with Apple for making this sort of thing possible—which sort of works at cross-purposes to their argument that Safari is the only viably secure browser on iPhones. (Interestingly, this tracking behaviour isn't found on the in-app browser on WhatsApp—another Meta property.)",
  "title": "Meta's in-app browser tracking",
  "updatedAt": "2022-08-10T19:44:59+01:00"
}