AppXpose v6.9.1 / file 001

GET IT ON JETZT BEI Google Play

HIGH Risk · Score 68/100

Instagram

com.instagram.android

Instagram is a Meta-owned social platform with aggressive data collection practices, extensive behavioral tracking across multiple ad and analytics SDKs, and opaque data sharing with third-party advertisers and business partners. While core messaging features use encryption, the app's primary business model relies on comprehensive user profiling for targeted advertising, creating significant privacy risks despite its massive user base and polished interface.

68

out of 100

7

Trackers Found

4

Dangerous Permissions

8

Risk Factors

0

Known Breaches

Warning

Regulatory & Legal

FTC $5B settlement (2019) for Cambridge Analytica and privacy violations. GDPR €405M fine (2021) for cookie consent violations. Ongoing EU investigations into data processing of minors. Documented shadow profile creation and data collection from non-users.

Score Breakdown

How we got to 68.

Scored using deterministic pattern matching and DEX analysis. Compare against research data from 3,745 analyzed apps.

+12

Meta Ownership & Corporate Data Practices

Cambridge Analytica scandal, FTC $5B fine (2019), GDPR violations across EU

+14

Embedded Ad & Attribution SDKs

Google AdMob, Facebook Audience Network, Adjust, AppsFlyer enable cross-app behavioral profiling

+13

Metadata & Behavioral Collection

Browsing history, search queries, time on posts, engagement patterns, device identifiers

+11

Third-Party Data Sharing

Shares with advertisers, business partners, data brokers for audience segmentation

+8

Weak Encryption

DMs support optional E2E, but stories, feed, browsing are unencrypted server-side

+9

Location Tracking

GPS, IP, Bluetooth for location-based ad targeting

+7

GDPR Violations

€405M fine (2021) for cookie consent violations

-2

Frequent Updates

Regular security patches reduce vulnerability risk

Trackers

7 SDKs detected

Hidden inside the code.

Google Analytics (Firebase) Analytics

Facebook Audience Network Advertising

Google AdMob Advertising

Adjust Attribution

AppsFlyer Attribution

Meta Analytics SDK Analytics

Crashlytics Crash Reporting

Permissions

4 flagged

What it asks for.

high

LOCATION

Tracks your location for ad targeting and story tags

medium

CONTACTS

Reads contacts for friend suggestions

medium

CAMERA & MICROPHONE

Core functionality but always-on access risk

medium

CALENDAR

Reads calendar events for event features

Evidence

From the scan.

Instagram scan - Quality ratings and FTC settlement warning — Quality ratings and FTC settlement warning

Instagram scan - AI analysis summary and risk breakdown — AI analysis summary and risk breakdown

Instagram scan - Known trackers and data collection — Known trackers and data collection

Related

Keep reading.

What is a tracker in an app, and why should you care

Trackers are code libraries hidden inside apps that collect your data for third parties. Here is how they work, what the...

What trackers are actually hiding in your apps

We scanned 32 of the most-installed Android apps and counted every embedded tracker SDK. The average app hides 5 tracker...

Also scan

Similar risk profiles.

4 trackers · 0 permissions

9 trackers · 3 permissions

Adobe Acrobat 52

7 trackers · 5 permissions

Scan Instagram yourself.

Get the full report on your device - with real-time DEX analysis, permission auditing, and breach monitoring. Free, no account needed.

GET IT ON JETZT BEI Google Play View all scans