Are website trackers and pixels exploiting your customers’ privacy?

Are website trackers and pixels exploiting your customers’ privacy?

Companies are facing lawsuits for violating the privacy of millions, if not billions, of internet users. Some companies are not even aware of these violations. Here’s what you can do to protect your business – and your customers – from illegal data collection on your website.

We’ve seen numerous lawsuits over the past month alleging major breaches of the privacy of millions of people related to website trackers and pixels (tiny pieces of code that collect information about a website’s users). . First, it’s Facebook’s parent company, Meta, that has been the subject of a class action lawsuit related to the unauthorized collection and sharing of sensitive health data using the Meta pixel, often without consent. of the patient.

A second class action lawsuit soon followed, this time against UCSF Medical Center and San Francisco-based Dignity Health for placing the Metapixel on their websites, which enabled the unauthorized tracking of patient health data. A complaint alleges that more than 600 hospitals or medical providers are deploying tracking technology and may share personal health information (PHI), which is protected by HIPAA, with Facebook. It’s important to note that it’s likely that these hospitals were unaware of what the pixel was doing.

Then a class action was filed against data giant Oracle (a registered data broker) claiming that the company tracks and monitors over 5 billion people. For reference, the world population is just under 8 billion. Additionally, the lawsuit alleges that the tracking often occurs without users’ knowledge or consent. Part of the complaint alleges that the Oracle JavaScript tracking code obtained personal information by collecting user data from web forms, URLs visited by users as well as their web page title and keywords, date and exact times of visits, etc.

What this means for consumers

Although Facebook and Oracle are the targets of these first lawsuits, other social media sites that use pixels (such as Twitter, TikTok, Snapchat and LinkedIn) operate in the same way.

For example, when a company installs a social media pixel on its website, it enables the collection and combination of information found on users’ social profiles (demographics, interests/topics followed, topics posted, etc.) with behavioral data collected from user interactions with that company’s website.

Take the example of the hospital and the metapixel. The metapixel may collect and return the following information to Facebook and its advertising partners:

  • User typed “brain tumor treatments” into the hospital’s website search bar
  • The user spent over an hour on the hospital’s website browsing pages related to brain tumor treatment options.
  • User filled out an appointment request form from the brain tumor webpage
  • User searched for a list of medications and their side effects

Also, if the user is simultaneously logged into the social media site with a tracker on the hospital webpage, he is no longer anonymous – he is linked to his social media account and everything that this platform knows about her. Collecting this information and using it for targeting purposes could be a violation of privacy laws. This is definitely a violation of common sense web hygiene and user trust perpetrated by social media companies.

Beyond the big social media companies, there are hundreds of other data brokers competing to get their hands on your data. While this tracking produces annoying and often scary ad and spam tracking, there are far more serious issues to consider.

The true scale of monitoring

LOKKER (the company I founded and run) wanted to better understand the true scale of the number of healthcare providers and financial services companies using these pixels, as they both deal with sensitive and protected data. We scanned over 5,000 US-based healthcare and hospital sites and 3,500 financial services websites and found the pixel usage listed below:


Percentage of healthcare and hospital websites using

Percentage of financial services websites using
















The scope and scale of these trackers extend far beyond what was identified in the initial lawsuits.

About Sandra A. Powell

Check Also

How Google’s Latest Anti-Spam Update Could Hurt Your Music Website

For musicians, having an easily accessible website is crucial. However, Google has recently tightened its …