Meta Sued for Tracking iOS Users Even If They've Opted Out

pcmag.com:

Meta is facing a proposed class-action lawsuit that claims it developed a secret work-around for Apple's privacy rules on iOS, allowing it to collect personal data without consent.

Last year, Apple changed the rules for iOS app developers by forcing them to ask a user's permission before their apps are allowed to collect tracking data. The Facebook app on iOS must therefore ask for permission from each user, but as Bloomberg reports(Opens in a new window), this lawsuit (Willis v. Meta Platforms Inc., 22-cv-05376) accuses Meta of circumventing the rules and tracking a user regardless of their choice.

So how does this tracking work? The lawsuit explains how Meta's Facebook app opens links in an in-app browser rather than the user's default browser. By doing so, the activity of the user can easily be tracked while skirting around Apple's app privacy rules.

If that is indeed the case, it would technically violate Apple's rules for users who opted out of tracking, but that would need to be proven in court. The lawsuit also claims this behavior violates state and federal laws limiting unauthorized collection of personal data. Meta has yet to comment publicly on the matter.

Back in August, researcher Felix Krause discovered multiple apps were using in-app browsers to inject JavaScript into websites to allow users to be tracked. Both the Facebook and Instagram apps have been proven to inject JavaScript, with Meta stating in a comment forming part of the JavaScript code it uses that it was, "developed to honor people's privacy and [App Tracking Transparency] choices."

Sign up for SecurityWatch newsletter for our top privacy and security stories delivered right to your inbox.

This newsletter may contain advertising, deals, or