Browser says no

The online services you use often ask (or even insist) you install their app. Expense tools, HR platforms, shift planners, project management platforms, even LinkedIn.

They all have perfectly serviceable websites but they still want you to install their app. Ever wonder why?

They’ll tell you that native apps, the ones you download from the app stores, can do things that websites can’t. That’s true, but not how you might imagine it to be.

They can track your precise location in the background, run code when your phone starts, generate persistent identifiers linked to you, and share it all with the many third-party packages they’ve included inside the app.

A website, loaded inside a browser, does almost none of this stuff by default. And even less of it if you’re running privacy extensions. The browser is a security boundary. Apps can bypass this boundary.

The web is now nearly as capable as native apps. Push notifications, offline functionality, camera, files, etc – it’s all there in modern browsers. Each one asking explicit permission before it can do anything.

The capability gap that was used to justify native apps is pretty much closed now. Protection against surveillance is the big differentiator, and the web is the winner here.

A 2026 audit of 135 widely-used enterprise mobile apps found that more than 1 in 5 of them contained privacy-impacting behaviours: tracking, profiling, data sharing, contact harvesting, the lot. Not by accident or because of a breach.

Your staff’s devices are also your devices. They’re windows into your organisation and its behaviour. So, when a vendor pesters you to “download our app”, the first question should be: what do they get from an app that a website can’t give them?

There are situations where the app really is needed, but they’re becoming the exception rather than the rule.

Colin