by Rich Edwards Sep 2, 2022

What we're reading - 09/02/22 Edition

Privacy, privacy, privacy, and how the tech companies get around barriers to it

Happy Labor Day!

Ah, that last Friday before the “official” end of summer and labor day. To head you off into your weekend, a few reads about the ongoing battle around privacy, particularly for individual consumers. First, we have a story on Meta’s aspirations for creating a super app, and potentially the threat it represents to banks and credit unions. In that vein, we also look deeper at how Meta (Facebook, Instagram, What’s App, etc.) is trying to skirt restrictions built into iOS. And finally, stats and analysis of the data collection practices of the most popular business apps.

What these recent stories have in common is the immense value of customer data, and the great lengths tech companies will go to get it. As a digital advertiser, this has a trickle-down effect on you, providing more actionable insight into which ads are working and where. However, it is clear that comprehensive privacy legislation is coming. Now is the time to formulate and begin to execute on a 1st party data strategy. This can enable you to serve your communities better and more efficiently and build out your own competitive moat in your markets. If you have questions on where to start or your next steps, we’re here to help.

1. Meta’s “super app” plan

Grady McGregor of Fortune writes on Meta’s launch of grocery purchase integration into their WhatsApp messaging app in India.

The new service may be the first step in fulfilling Zuckerberg’s goal of creating a super app.

In 2019, Zuckerberg laid out his ambitions to turn Meta’s platforms into an all-in-one tool that could centralize “calls, video chats, groups, stories, businesses, payments, commerce, and… many other kinds of private services.”

Later that year, Zuckerberg lamented that he didn’t listen to advice from The Information’s Jessica Lessin in 2015 to copy the success of WeChat, a messaging app turned super app owned by China’s Tencent Holdings.

In China, WeChat is like WhatsApp, Uber, Fortnite, and Instagram all rolled into one. It is a messaging app that contains an entire eco-system of mini-apps. Users pay their bills, buy groceries, and play games without leaving WeChat.

Capturing the rails of commerce, particularly payment, is a surefire way to dictate conditions under which those things happen. Copying the fintech playbook further leverages their dominant position in customer acquisition.

2. Facebook/Instagram and End Run on Apple Privacy Protocols

In the ever-evolving cat and mouse game of privacy and digital advertisers, privacy researcher Felix Krause documented the way social media apps like Facebook and Instagram try to get around Apple’s anti-tracking features of iOS latest release.

What does Instagram do?

  • Links to external websites are rendered inside the Instagram app, instead of using the built-in Safari.
  • This allows Instagram to monitor everything happening on external websites, without the consent from the user, nor the website provider.
  • The Instagram app injects their JavaScript code into every website shown, including when clicking on ads. Even though the injected script doesn’t currently do this, running custom scripts on third party websites allows them to monitor all user interactions, like every button & link tapped, text selections, screenshots, as well as any form inputs, like passwords, addresses and credit card numbers.

So why go to such lengths? It’s all about the ad dollars:

Apple’s simple iPhone alert is costing Facebook $10 billion a year

Facebook complained that Apple’s App Tracking Transparency favors companies like Google because App Tracking Transparency “carves out browsers from the tracking prompts Apple requires for apps.”

As a follow-up to this initial post, Felix expanded coverage to look at Tik Tok and some of the more detailed ways Instagram can track granular user behavior.

TikTok's In-App Browser injecting code to observe all taps and keyboard inputs, which can include passwords and credit cards

3. How much data is that app collecting?

On Deck presents a series of infographics on the level of data collection from some of the most popular business-focused mobile apps.

Key Findings

  • With 32 data segments of personal data, Facebook Messenger came up top as the most invasive Communications app in our study.
  • Requiring permissions for 26 data segments, PayPal is the most invasive Finance app.
  • eBay is the most invasive eCommerce app, collecting 21 data segments from its users.
  • When it comes to HR & Employee Management apps, the most data-hungry app was Glassdoor collecting 21 data segments.
  • Google Drive collects 19 data segments, making it the most invasive app in the Content & Files category.
  • On average, Marketing apps collect 5 out of the 32 segments of personal data, the most of any app type.

Facebook's Suite of Apps Collect the Most Data, Hubspot the Least

So ends the week and the summer. Apparently this was a real thing, huh. Like or hate it, let us know how we’re doing for you. Send cheers, jeers, and requests to, and sharing is caring below.

Share the post:

Get our blog posts delivered to your inbox: