Meta has consistently and repeatedly shown an absolute lack of respect for user privacy for basically as long as they’ve existed as a company. I’m honestly not certain there’s anything fully out of the question as far as things they might do, regardless of what their policies might say.

Two examples that are top of mind…

They exploited browser vulnerabilities not unlike malware to track users’ behavior across the web: https://www.eff.org/deeplinks/2025/06/protect-yourself-metas...

They bought a “privacy” VPN app and used it to harvest data, then abused Apple’s enterprise app deployments to continue to ship the app after it was banned from the app store: https://en.wikipedia.org/wiki/Onavo

I'm not an expert on all of Meta's historical criminal activity, but just going back a few months:

https://arstechnica.com/tech-policy/2025/08/jury-finds-meta-...

Optimized for engagement? I guess heroin is "optimized for engagement" too.

You missed the cases where the facebook app ran a local webserver on your smartphone which the facebook ad trackers would send data to to be able to track you across all websites, breaking GDPR laws and circumventing browser third-party cookie controls?

Please disclose your affiliations