Η company Meta (Facebook) and hospitals of USA, were sued for illegally using health data to target ads.
A strange story has come to light, with a class-action lawsuit filed in the Northern District of California against the company Meta (Facebook), UCSF Medical Center and Dignity Health Medical Foundation, alleging that the organizations are illegally collecting sensitive health data. of their patients for targeted advertising.
This monitoring και η συλλογή δεδομένων φέρεται να πραγματοποιείται σε ιατρικά portals, όπου οι ασθενείς εισάγουν εξαιρετικά ευαίσθητες πληροφορίες για τον εαυτό τους, την κατάστασή τους, τους γιατρούς, τα συνταγογραφούμενα φάρμακα και άλλα.
According to the lawsuit, neither the hospitals nor Meta informs patients about the data collection, no user consents are sought, and there is no visible indication of this process.
The plaintiffs became aware of the violation of their privacy when Facebook, the social media platform owned by Meta, started targeting them with ads completely tailored for their medical condition!.
Meta Pixels
The collection is supposedly done with the Meta Pixel, which is a piece of code that can be inserted into any website to help the website profile its visitors, but also collect data for targeted advertising.
This data collection is done for all of them users, even if they haven't account on Facebook. However, for Facebook users the collected data is automatically linked to their account for deeper association.
Violation of privacy
The lawsuit alleges that Meta's tracking code exists on 33 websites of the top 100 hospitals in the United States, and in seven cases, the code runs under password-protected patient accounts access.
According to the complaint, the 33 hospitals found to have Meta Pixel collectively admitted more than 26 millions patients and outpatient visits in 2020 only.
The plaintiffs allege in their lawsuit that their data was breached because they had never consented to the collection of sensitive medical data, let alone its use in targeted advertising.
Meta even includes a clause in its data privacy policy stating that its partners (Meta Pixel hosts) must have legal rights to collect, use and share user data before handing it over to the advertising giant.
However, as stated in the complaint: “Healthcare agencies do not have a legal right to use or share their patient data, as this information is protected by the Health Insurance Portability and Accountability Act (HIPAA) of 1996, which protects all electronic information health".
Therefore, both Meta and the health care providers are accused of knowing that the business their data collection was illegal, yet they continued to do it and hid it from the people they were watching.
In conclusion, plaintiffs, and on behalf of anyone similarly situated, claim damages for breach of confidentiality of medical information, unjust enrichment, breach of contract, Computer Data Access Act (CDAFA) fraud, as well as and on the federal wiretapping law.
Does it happen elsewhere?
And if there are such complaints in the USA, the headquarters of the Meta company, what might be happening in the others countries;
You have happened to visit hospital recently and have you noticed the same behavior? Especially in private hospitals and clinics?