When does data collection go too far? We’re finding out as Meta (previously Facebook) comes under fire for how much protected health information their tracking pixel gathers.
Almost all sites on the internet have some form of data collection. In most cases, especially in healthcare, the goal is to collect as little potentially identifiable information as possible while still having enough to analyze user experiences. This data makes it easier to improve content, navigation and conversions. The same applies to the Meta pixel (previously known as the Facebook pixel), which is used to track engagement metrics from Facebook ad campaigns. A recent report uncovered websites that had applied the Meta pixel to their site(s) inadvertently allowed Facebook to gather sensitive data that, in some cases, included:
- Personally identifiable information (PII)
- Protected health information (PHI)
The first question that many of us and our clients asked was if the data collected was in violation of HIPAA. In at least one case, it was considered enough of a violation that a user filed a class-action lawsuit against Meta. Although it appears likely that the data collected is not in violation, many healthcare organizations are now aware of its suspicious ongoing practices. To determine the risks to your organization, we must ask what data Meta collects, when it collects the data and what you can do to prevent it from sending sensitive data.
What data does the Meta pixel collect?
Meta provides settings for customizing the specific data that it is allowed to receive. Depending on your current ad campaign settings, you might have the default setup which only collects the following:
- Information about the user’s device, web browser, operating system, and web session that are contained in HTTP headers. This includes the user’s IP address, the referring URL, page views, and more.
- Pixel-specific data including the pixel ID and the Facebook cookie.
- Button click data including any buttons clicked by the user, the labels of those buttons, and any pages visited as a result of the button clicks.
- The names of form fields on the site (e.g., ‘name’, ‘address’, ‘date of birth,’ etc.).
If you have turned on additional settings like Advanced Matching or made additional adjustments within your conversion tracking settings, Facebook may be collecting:
- Form field values for email, gender, address (city, state, ZIP code, and country), first and last name, phone number, date of birth, external ID
- Custom conversion data including URLs with their query parameter (e.g., https://www.abchospital.org/site-search/?term=cancer+treatment)
Meta has filters in place to catch and remove potentially sensitive information from query parameters. However, this data is still being sent to them in the first place.
When does the pixel collect data?
In most cases, the best practice for applying a data tracking pixel is to allow it to access all publicly accessible pages on a website in order to gain better data visibility as users move beyond your campaign’s initial landing page. If that is the case for your organization, and you have the Meta pixel deployed, any page which has the pixel code applied is collecting user data and sending data to Facebook. Just because you are not running ads on Facebook or have manually created an event for an active campaign does not mean you are not collecting visitor data and sending it to Facebook.
How can I limit data collection?
Meta—and other organizations in the data collection industry—make it extremely frustrating to remove tracking pixels because of how much you lose. Removing the Meta pixel means you will no longer have new data to analyze through the Facebook Ad Manager platform from users interacting with your website. Conversion tracking becomes even trickier. You lose the ability to perform remarketing efforts.
However, you have ways to limit this loss as well as mitigate data collection.
Restrict data collection to specific pages/sections
It is possible to limit the Meta pixel to only fire on the pages actively receiving traffic from campaigns through the use of Google Tag Manager. Rather than allowing the pixel to be placed on the entire site, you can specify exact pages where it is allowed to trigger.
If you appreciate these topics better in a metaphorical sense: Let’s say your site is a town. Each section is a house. The Meta pixel starts out being able to enter any home, follow any person and know everything that goes on within the town. If we limit the pixel to be in just one house, it can learn about anyone who comes to visit and watch where those people go to next but it can no longer see what those people were doing before or after the visit.
Of course, being as large as they are, Meta has other methods of still retrieving data even when its scope is limited. Much of that can be disabled in your Facebook Ads Manager settings. However, keep in mind that any amount of Meta having access risks the unwanted collection of data.
Rely on external, more secure platforms to collect data
As big as the organization is, Google has many additional protections and filters in place to prevent the collection of sensitive data.
Utilizing tags and triggers in Google Tag Manager can drastically reduce the pain of removing the Meta pixel. Setting up events that detect and fire on Facebook-specific conversions allows you to then build custom reports and dashboards within Google Analytics that provides all of the same data without risking the collection of protected health information.
What to consider moving forward with data security
Data security is increasingly important for the average user. As the population becomes aware of how much of their personal information is being collected, the more often we will see reports detailing unexpected, sneaky practices.
To protect your organization, it is important to ensure that your compliance team is aware of what tags or scripts are added to your site, as well as their tracking capabilities. Perform an audit of your privacy policies. Ensure that you are protected, keeping your users informed and remaining diligent in protecting user data.
If you are uncertain if your organization has implemented the Meta pixel, unsure of how to remove or restrict the pixel, or simply want additional consultation on tracking pixels, reach out to our digital marketing experts at Geonetric. We are happy to help.