I've had a person report and send me a video that Chrome would begin casting what seemed to be a Instagram web page to a smart tv on the same wi-fi network, while his screen was sitting idle on a Chrome blank page. Unfortunately it was a shared wi-fi and he doesn't know where that TV is. This is inferred from a popup[0] appearing out of the Cast icon(?) next to Chrome's three-dots menu. I've instructed him to disable casting via chrome's flags, and am trying to understand whether private information could have leaked from this and how that happened. My guess for now would be "Web Presentation API" alongside a Instagram page misbehavior, in that case I imagine someone may have seen that web page and that alone, but am unsure as I'm not knowledgeable on the Web protocols. Or, in a worse scenario, someone in that wi-fi managed to force this action.[0] https://i.imgur.com/2VBbu0v.png