Meta Secretly Tracked Android Users’ Web Activity for Months

quick Summary

• Tracking Exploit: Meta and Yandex leveraged a security loophole in Android to covertly track users’ web browsing activity through installed apps.
• Technical Details: Using the localhost function,JavaScripts (Meta Pixel and Yandex metrica) embedded in websites connected to Android apps,sharing identifiers and browsing data without user consent across browsers like Chrome,firefox,Edge. Brave successfully blocked such tracking.
• Timeline: Meta began tracking in September 2024 but ceased as of June 2025; Yandex initiated tracking as 2017 but has pledged discontinuation after exposure.iOS devices were not flagged for similar practices due to restrictive native app background operation policies.
• Widespread Impact: Over 17,000 U.S.-based websites employing Meta Pixel enabled localhost communications; more than 78% conducted activity without user consent on platforms like AP News and Buzzfeed.Potentially billions of users globally could be implicated during the timeline observed in the report.
• Statement from Meta: “We paused this feature while resolving concerns with Google regarding policy miscommunication.”

Image: Sign outside of Meta Platforms Headquarters, Source: Bloomberg via Getty Images
!medium=RSS”>Read More

Indian Opinion Analysis

The exposed practice underscores significant vulnerabilities within digital privacy frameworks globally, including India-the latter poised on nurturing large-scale internet penetration via affordable devices and services like Android smartphones dominating its mobile ecosystem. The covert exploitation by corporations such as Meta reflects an urgent need for robust regulations concerning digital privacy rights.As technology accelerates societal advancement in India, legislature updates ensuring proactive cross-vigilance possibly empowers citizen +enterprise entity co-stream safewalled app enduring checks!