Meta Halts Android Tracking After Localhost Flaw Found

Meta has paused a tracking technique in its Pixel tool for Android after researchers disclosed that it exploited a localhost loophole. The method allowed browser data to be potentially linked to individual app users, raising privacy concerns. According to researchers, both Meta—referred to in the summary as Zuckercorp—and Yandex leveraged this method to associate online activity with specific user identities.

The tracking relied on requests sent to localhost, a domain typically used for internal communication within devices, which circumvented conventional privacy boundaries between apps and web browsers. This technique enabled companies to monitor user behavior in ways that were not transparent to the public.

The suspension of the practice follows public disclosure by academic researchers, prompting scrutiny over how companies handle user data. Meta’s decision to halt the tracking comes amid broader regulatory and consumer pressure to improve transparency and limit invasive data collection practices in mobile ecosystems.