People have been prosecuted under that act for clicking "view source" on their web browser. The crime itself is irrelevant. It's more about who you are/what connections you have/who you piss off.

This only works if you control the code on both sides (ie. on the website being visited and an app running on the phone). It's not some sort of magic hack that allows you to exfiltrate arbitrary browser history. Therefore it's unclear how it can be construed as "hacking" in any meaningful way. As bad non-consensual tracking done by google/meta/whatever are, it's not covered under CFAA.

Yes