> Do we know how these apps were able to track browser activity? The only clues I see in the article are that it was on a per-website basis, and that it worked in incognito mode.
The App listens on localhost:xxyyzz when backgrounded. You open your browser and go to onesite.com and then differentsite.com the ID you are known as on those two sites is transmitted by having the JS on each site that supports Facebook functionality / ads etc for that site, and runs in your browser, make a request for an asset on your localhost with args <your ID on that website>. The app gets the args, and sends it off to HQ. That ties your signed-in account on the app to your activity on all the websites that was using this. And to be clear, FB Pixel calls are tagged with the 'event' that you're doing like "checkout" "just looking" "donate" etc. While I don't know for sure, I'd assume that the fact you're in Incognito Mode is just an aspect of the data report, I would say. Nothing would stop it.
The App listens on localhost:xxyyzz when backgrounded. You open your browser and go to onesite.com and then differentsite.com the ID you are known as on those two sites is transmitted by having the JS on each site that supports Facebook functionality / ads etc for that site, and runs in your browser, make a request for an asset on your localhost with args <your ID on that website>. The app gets the args, and sends it off to HQ. That ties your signed-in account on the app to your activity on all the websites that was using this. And to be clear, FB Pixel calls are tagged with the 'event' that you're doing like "checkout" "just looking" "donate" etc. While I don't know for sure, I'd assume that the fact you're in Incognito Mode is just an aspect of the data report, I would say. Nothing would stop it.