Photo by mundissima / Shutterstock.com
Big tech such as Meta maintains an extensive surveillance apparatus with an intricate web of data collection, aggregation, and dissemination committed on a large scale fuelled by companies regularly feeding their users’ data.
Consumer Reports sheds light on this malpractice by Meta. Despite Meta’s purported commitment to transparency, Consumer Reports identified significant shortcomings in the platform’s transparency tools and practices. The study, which utilised data directly from Meta, highlighted issues such as the unclear identity of data providers, allowing companies providing services to advertisers to ignore opt-out requests.
Consumer Reports employed a panel of 709 volunteers who willingly shared archives of their Facebook data, revealing that 186,892 companies sent data about them to the social network. The average participant had their data sent by 2,230 companies, with some individuals listing over 7,000 data-sharing entities. The study focused on server-to-server tracking, an often-hidden form of surveillance usually not covered by mainstream media.
One particular point to note was the prevalence of LiveRamp, a data broker based in San Francisco, which appeared in 96 per cent of participants’ data. However, it wasn’t just obscure data brokers implicated; major retailers, including Home Depot, Macy’s, and Walmart, and credit reporting giants Experian and TransUnion’s Neustar were among the top companies sharing user activity with Facebook.
The data examined by Consumer Reports encompassed two primary categories: Events and custom audiences. The latter enabled advertisers to upload customer lists to Meta, including identifiers like email addresses and mobile advertising IDs. On the other hand, events are detailed user interactions with brands, both online and in the real world, originating from Meta software code embedded in mobile apps, tracking pixels on websites, and server-to-server tracking.
Consumer Reports highlighted the extensive research of Meta’s tracking pixels, which have been used for various purposes, from surveilling users dialling suicide hotlines to tracking mundane activities like grocery shopping or booking medical appointments.
Meta defended the company’s practices. “We offer a number of transparency tools to help people understand the information that businesses choose to share with us, and manage how it’s used,” said Emil Vazquez, Meta spokesperson.
While Facebook users can access a list of companies that have shared their data by navigating to the Accounts Center, Consumer Reports pointed out lingering issues. Over 7,000 companies in the study were identified using readable names or arbitrary numbers, hindering their comprehension, urging Meta to enhance the quality and readability of the data it provides to users.
In response to the alarming findings, Consumer Reports proposes several policy measures, some of which could become part of a national digital privacy law. Key recommendations for Meta and advertisers using its technology include adopting data minimisation strategies, empowering authorised agents to act on behalf of consumers, enhancing ad transparency through archives, and improving the quality of data in existing transparency tools.
“I think people should be encouraging their elected officials to pass privacy laws that require businesses to change some of these business practices to stop this ubiquitous tracking of our every click and every movement,” said Caitriona Fitzgerald, deputy director of the Electronic Privacy Information Center.
In the News: Leftover Locals vulnerability exposes GPUs to leak process data