Krause on Thursday also released a tool that lets people check if the browser they are using injects any new code into websites, and what activity the company might be monitoring. WhatsApp, which the company also owns, appears to be in the clear because it doesn’t use an in-app browser. The new research follows a report last week by Krause about in-app browsers, which focused specifically on Meta-owned apps Facebook, Instagram and Facebook Messenger.
Even though Krause was able to identify a few specific examples of what the apps can track (like TikTok’s ability to monitor keystrokes), he said his list isn't exhaustive and the companies could be monitoring more. Nor does the tool reveal if any of the activity is tied to a user’s identity or profile. While Krause’s research reveals the code companies including TikTok and Facebook parent Meta are injecting into websites from their in-app browsers, the research does not show that these companies are actually using that code to collect data, send it to their servers or share it with third parties. TikTok did not answer questions about the SDK, or what third party makes it. The SDK includes features the app does not use, the company said. The company said the JavaScript code is part of a third-party software development kit, or SDK, a set of tools used to build or maintain apps.
"Like other platforms, we use an in-app browser to provide an optimal user experience, but the JavaScript code in question is used only for debugging, troubleshooting and performance monitoring of that experience - like checking how quickly a page loads or whether it crashes,” spokesperson Maureen Shanahan said in a statement.
0 kommentar(er)
