This isn't even a permission an App can request on Android. Not sure about iOS.

This is not how Twitter is going to do this anyway. They are doing it via the little "Twitter" links everywhere on the web. These will track your page views, and then the instant you sign into your twitter account on that browser, they will know every page you visited. It is no different than how Google knows the pages you visited.

You can block it in two ways... either a) never sign into twitter in your browser unless in Incognito mode, or b) Block third-party cookies and trackers using Ad Block. I do the latter.

According to Twitter's official post regarding this:
"While we want to make our ads more useful through tailored audiences, we also want to provide simple and meaningful privacy choices to our users. Twitter users can simply uncheck the box next to “Promoted content” in their privacy settings, and Twitter will not match their account to information shared by our ads partners for tailoring ads. And because Twitter supports Do Not Track (DNT), Twitter will not receive browser-related information (a browser cookie ID) from our ads partners for tailoring ads if users have DNT enabled in their browser. Our Help Center has more information about these options."

If you're concerned about tracking and DON'T currently have DNT enabled, you really should. It appears opting out of "promoted content" will cause them not to show you tailored ads, but doesn't mean they won't store the data (and possibly share that info with others).

I use sandboxie, and find it well worth using. With additional "supercookies" and methods to save state, having all Web browser data saved on a different volume, and is completely purged when done, no matter how many hidden files are written, is a good method of protecting privacy. Doesn't take much doing either. One can force a browser to run in a sandbox, or just right-click on it, select "run in sandbox", pick the sandbox you want it in, and go.

This is also coupled with "click to play" for Flash or other stuff, and using AdBlock for an extension, so the browser doesn't have to deal with most of the nasty stuff.

I also run a different browser for banking that I do general browsing. The more separation, the better.

People firewall their computers, might as well have a layer of security (sandbox or VM) against untrusted code that hits their machines directly.

There is, actually. READ_HISTORY_BOOKMARKS [android.com]

  To prevent apps from using this (and other permissions) download something like App Ops [google.com] or root your device and use XPrivacy [google.com].

And if you are a good computer person you install all this stuff on every computer you touch.

But not in phones...

if you have seen any FB icon, you're on FB