Meta sued for skirting Apple privacy rules to snoop on users
Meta Platforms Inc. was sued for allegedly building a secret work-around to safeguards that Apple Inc. launched last year to protect iPhone users from having their internet activity tracked.
In a proposed class-action complaint filed Wednesday in San Francisco federal court, two Facebook users accused the company of skirting Apple’s 2021 privacy rules and violating state and federal laws limiting the unauthorized collection of personal data. A similar complaint was filed in the same court last week.
The suits are based on a report by data privacy researcher Felix Krause, who said that Meta’s Facebook and Instagram apps for Apple’s iOS inject JavaScript code onto websites visited by users. Krause said the code allowed the apps to track “anything you do on any website,” including typing passwords.
Responding to the report, Meta acknowledged that the Facebook app monitors browser activity, but denied it was illegally collecting user data.
According to the suits, Meta’s collection of user data from the Facebook app helps it circumvent rules instituted by Apple in 2021 requiring all third-party apps to obtain consent from users before tracking their activities, online or off.
Apple’s privacy changes cut deep into Meta’s ability to collect user data from iOS users, costing it $10 billion in its first year, according to the Electronic Frontier Foundation.
The Facebook app gets around Apple privacy rules by opening web links in an in-app browser, rather than the user’s default browser, according to Wednesday’s complaint.
“This allows Meta to intercept, monitor and record its users’ interactions and communications with third parties, providing data to Meta that it aggregates, analyzes, and uses to boost its advertising revenue,” according to the suit.
Meta didn’t immediately respond to a request for comment.