How the NHS has been giving over YOUR private information to Facebook without YOUR knowledge or permission
Since 2006, Facebook has been widely associated with data violations. Meta launched almost 20 years ago, has transformed Facebook into a platform that mines user data for advertising technology purposes. It applies not only to Facebook itself but also to its other services and acquisitions.
The company tries to justify its desire for personal data, but data protection regulations are causing problems for Meta’s scraping algorithms.
Meta is facing troubles with Europe’s General Data Protection Regulation (GDPR). The European Data Protection Board (EDPB) issued a fine of 1.2 billion euros on April 13th, 2023. The penalty was related to the transfer of EU citizen data to the US and was considered unprecedented. GDPR sets clear rules for collecting, using, and storing data of EU citizens to keep it safe and prevent misuse. Additionally, it stops transferring this data outside the EU unless exceptional circumstances require it.
The popular social network claims to prioritize privacy, but it consistently needs to deliver on that promise. In addition, Facebook was part of a well-known Cambridge Analytica data scandal. As a result, they were fined $725 million for collecting, misusing, and manipulating user data.
You might expect that Meta would stop doing it after getting a billion-dollar fine from EDPB and a warning to stop mining European data. Just a month later, the social network is once again in trouble. It has been caught collecting personally identifiable information from 20 NHS trusts.
Meta Pixel tool
The Guardian published an article on May 27th, 2023, revealing that Facebook added a Meta Pixel tool to NHS trust websites. This tool collected different types of information, including keyword searches, page views, prescriptions, and doctor appointments.
It’s even worse because they connected this data to the user’s IP address, a personally identifiable piece of information that can be used to create an online user profile. Then, they sent this data to their servers in the US. Over 22 million UK residents shared their personal medical information with a US third party without consent.
The Meta Pixel is a hidden code that secretly adds an invisible pixel to specific websites, including NHS trusts. It uses a JavaScript algorithm to track and monitor users’ online activities. According to Facebook, the trusts shared this data, which bypassed the filters used to prevent the collection of prohibited information. It’s hard to believe, but an ex-Google engineer showed how Meta uses its Pixel to collect user data and knew about it six months ago.
Meta can quickly boost its ad revenue by using exploitative marketing practices. Instead of changing its business model, Meta often chooses to pay fines. But the main point is about personal responsibility.
Facebook After the NHS Trusts Leak: What Can We Learn From That?
Many people eagerly joined the social network trend, sharing personal information without much consideration. Sharing cat pictures is different from sharing doctor prescriptions. Many visitors to the NHS website needed to be made aware that their online activities were being monitored. Unfortunately, many did not take steps to protect their personal data from being accessed by third parties without permission. It’s essential to check any website’s privacy policy dealing with sensitive data, such as medical records. Unfortunately, out of the twenty NHS trusts affected, only three mentioned Meta or Facebook in their privacy statements. Users can sometimes feel like they need to be more knowledgeable.
It isn’t easy to know exactly how Facebook uses the data it collects. Using medical records for advertising raises questions about business ethics, despite personalized ad targeting being often mentioned as the main reason.
Trusting Facebook with personal information has its pros and cons. Social networks can be enjoyable and convenient, but it’s essential to be aware that they can compromise our privacy and misuse our personal data. Chamath Palihapitiya, former VP for user growth at Facebook, cautioned that the company uses data to manipulate users psychologically and keep them engaged. We don’t know where all the UK NHS trusts data goes, but it seems like it needs to be more transparent.
It is another example of a 20-year-long data mining project focused on gathering highly personal information. Now is an excellent time to reduce Facebook usage until it resolves its data violation issues and pays the fines.
NHS trusts shared personal information with Facebook
The Observer has revealed the following information:
● Buckinghamshire Healthcare NHS Trust shared information about a user viewing a patient handbook for HIV medication. The company received the name of the drug, the NHS trust, the user’s IP address, and their Facebook user ID.
● Alder Hey Children’s Trust in Liverpool shared Facebook details when users visited webpages about sexual development problems, crisis mental health services, and eating disorders. It also collected data when users clicked to order repeat prescriptions.
● The Tavistock and Portman NHS Foundation Trust in London gave data to Facebook when users visited its gender identity service page, which helps children with gender dysphoria. Data was shared when users visited the Portman Clinic webpage, which provides specialist help for disturbing sexual behaviors, and clicked for information on how to get referred to the service.
● The Surrey and Borders Partnership NHS trust shared data with Facebook when patients indicated they were under 18, lived in Brighton, and wanted mental health services.
● NHS trusts sent receipts to Facebook when users accessed appointment booking pages or completed online self-help courses. Barts Health NHS Trust in London shared data with Facebook when users wanted to cancel or change appointments or add hospital visits to their plans. The trust serves a population of 2.5 million.
● The Royal Marsden, a cancer center, shared patient data for referrals, private care inquiries, and browsing specific cancer types.
Final Words
The NHS Trusts sharing your personal details with Facebook without your consent. A covert tracking tool on trusted websites leaked medical information to a US tech giant, which is considered an unacceptable breach of privacy. 20 NHS trusts used the Meta Pixel tracking tool on their webpages. There was information concerning medical conditions and treatments in the details that were revealed.