this post was submitted on 11 Feb 2026
63 points (100.0% liked)

I've recently been working on scraping the app API for Instagram for a project, and I'm surprised at the amount of data it sends that it shouldn't need. I knew it did a lot of tracking already, but after looking at what it sends, I am never installing that app outside of an emulator.

When you log in, it sends:

  • How many SIM cards you have installed
  • Whether you have WhatsApp installed
  • Whether you gave permission for: call logs, contacts, answer phone calls
  • Timestamps for when you opened the app and when you clicked any component.

On most requests, it sends:

  • Your connection type (Wi-Fi/mobile data)
  • Your connection speed
  • Whether Google Play attestation is working
  • If your phone is foldable or not
  • Whether you have dark or light theme enabled
  • What device you are running Instagram on
  • The components you clicked on to navigate to whatever page you are on, as well as timestamps for when you clicked them.

When loading your timeline, the payload contains:

  • Whether Instagram has permission for your camera
  • Your battery level
  • Whether your phone is charging
  • The time you opened the app at.
  • Whether you used pull to refresh to load your feed.
  • Your volume level
  • Your timezone offset.

For every useful request, it sends about 2 to /logging_client_events, which has a binary payload encoded as base64.
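An added example, not part of the original post: one way to measure the telemetry-to-request ratio described above in a capture of your own device's traffic exported as HAR 1.2. The host, the non-telemetry paths and the payload bytes are constructed, and the code assumes the base64 payload is the whole request body.

```python
import base64
import binascii
from urllib.parse import urlsplit

TELEMETRY_PATH = "/logging_client_events"  # endpoint named in the post

def _decoded_len(text):
    """Return the decoded byte length if text is strict base64, else None."""
    try:
        return len(base64.b64decode(text, validate=True))
    except (binascii.Error, ValueError):
        return None

def audit_har(har):
    """Count telemetry vs. other requests in a HAR 1.2 dict and size the payloads."""
    telemetry, other, decoded = 0, 0, 0
    for entry in har["log"]["entries"]:
        req = entry["request"]
        path = urlsplit(req["url"]).path.rstrip("/")
        if path.endswith(TELEMETRY_PATH):
            telemetry += 1
            # Assumption: the body is the base64 string itself, not a form field.
            body = req.get("postData", {}).get("text", "")
            decoded += _decoded_len(body) or 0
        else:
            other += 1
    return {"telemetry": telemetry, "other": other, "telemetry_bytes": decoded,
            "ratio": telemetry / other if other else None}

def _entry(path, body=None):
    # Constructed HAR entry; app.example.invalid is a placeholder host.
    req = {"method": "POST", "url": "https://app.example.invalid" + path}
    if body is not None:
        text = base64.b64encode(body).decode()
        req["postData"] = {"mimeType": "application/octet-stream", "text": text}
    return {"request": req}

SAMPLE_HAR = {"log": {"entries": [  # constructed capture, not real traffic
    _entry("/api/feed/"),            # hypothetical "useful" request
    _entry(TELEMETRY_PATH, b"\x00\x01" * 8),
    _entry(TELEMETRY_PATH, b"\xff" * 10),
    _entry("/api/profile/"),         # hypothetical "useful" request
    _entry(TELEMETRY_PATH, b"\x10" * 4),
    _entry(TELEMETRY_PATH, b"\x7f" * 6),
]}}

if __name__ == "__main__":
    print(audit_har(SAMPLE_HAR))
```
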

top 4 comments
[–] Railcar8095@lemmy.world 1 points 14 minutes ago

Best is to not use Instagram.

Second best is to use Nora to see the web version and redirect the links automatically. https://f-droid.org/packages/jp.nonbili.nora/

[–] Winged_Hussar@lemmy.world 2 points 56 minutes ago

Super interesting!

I don't remember which app it was (maybe PayPal?) but whenever I opened it I would suddenly get Instagram notifications. Always found that odd/assumed there was some sort of data sharing going on there.

[–] navigator@piefed.zip 2 points 1 hour ago

I maintain an Instagram account solely for my artist profile to promote my music. I have the app installed on a separate phone that only uses Wi-Fi (no SIM), with no other apps installed and with restricted permissions.

[–] tyler@programming.dev 5 points 3 hours ago

The WhatsApp check is probably so it can exfiltrate your messages.