Instagram and Facebook's built-in web browser is a danger to your privacy

Hypertextual
Technology, science and digital culture
If we say that social networks collect endless amounts of information from their users by constantly monitoring their online activity, we're not discovering anything new. What is surprising is how they increasingly have more tools to do so, even if users haven't given their consent. Thus, for example, it has been discovered that The web browser built into Instagram and Facebook is also a danger to our privacy.
Felix Krause, developer of the automation app Fastlane, has published a detailed report exposing how platforms used by billions of people worldwide are using this method to extract information behind their backs. This is happening on both Android and iOS.
He report in question The new feature focuses on the built-in browser of Facebook, Instagram and Messenger, three of Meta's most popular apps. However, it is also fair to point out that these are not the only social networks that have tools of this type. Twitter also uses a similar solution when users open a link included in a tweet, although Krause does not specify whether it falls into the same practices as Mark Zuckerberg's company.
What browsers built into apps like Facebook and Instagram are proposing is that users can access linked content without having to leave the social networks. Is that convenient? Yes, very convenient. But it also poses a serious threat to the privacy of our personal information, as has been discovered.
What these platforms do when you open a link without using a “conventional” browser, such as Safari or Chrome, is inject a tracerIt records every interaction people make on an external website. According to Krause, this ranges from tapping on an ad to opening another link, selecting text, or taking a screenshot, among other actions.

And if that weren't enough, Instagram and Facebook's built-in browsers could also be able to see your login information when you access a registered platform and manually enter it into a form. The same goes for credit card information when making a purchase. The developer explains that Meta is very likely not to track or extract such specific personal data, but could easily do so without the public noticing.
“I don’t have a list of precise data that Instagram pulls. I have evidence that the Instagram and Facebook apps actively run JavaScript commands to inject additional JS SDK without user consent, in addition to tracking user text selections. If Instagram is already doing this, they could also inject any other JS code. The Instagram app itself is well protected against man-in-the-middle attacks, and only by modifying the Android binary to remove certificate pinning and running it in a simulator was I able to inspect some of its web traffic.”
Even then, most of the real data had another layer of encryption/compression. It's clear they don't really want you to investigate what kind of data is being sent back to the API.
In his tests, Krause found that the tracker used by Facebook and Instagram's built-in browser is the infamous Meta Pixel. It has been in the news recently for being used on American hospital websites to Extract patient information and show them ads based on their illnesses. This has earned Mark Zuckerberg a couple of new demands, but, as the saying goes, What does one more spot do to a tiger?
While the privacy issues of social media-integrated browsers affect both Android and iOS, in the case of Apple's operating system, it's a little more noticeable. Let's not forget that those in Cupertino have seriously addressed protecting their users from unwanted tracking with the implementation of App Tracking TransparencyThis has earned him Meta's complaints, although it has not taken long to find an alternative to continue tracking people.
The main recommendation that Krause gives to avoid this inconvenience is quite simple. When opening an external link from Instagram or Facebook, Do not do this with your built-in browser to avoid loading the unwanted tracker.. After all, you can open it from Chrome, Safari, or another app right from the same screen.
You can also choose to copy the link and open it directly in a conventional browser. And if you're looking for an even more effective solution, you can skip the Facebook or Instagram apps and opt for their mobile web versions.