Meta’s Latest Privacy Scandal Includes Hospitals Sending Patient Data

You can’t see them, but Meta’s trackers are embedded in millions of websites all over the internet, collecting data about where you go and what you do and sending it back to Meta. A recent investigation shows that those trackers are on sites that even the most cynical among us might expect to be off-limits: those belonging to hospitals, including patient portals that are supposed to be protected by health privacy laws.

This week, the Markup, a nonprofit news outlet that covers technology’s harms, has been publishing the latest findings of its investigation into Meta’s Pixels, which are pieces of code developers can embed on websites to track their visitors. So far, those stories reveal how websites owned by the government, pregnancy counseling centers, and hospitals are sending data to Meta through Pixels, much of which would be considered sensitive to the users who unwittingly provided it.

It’s easy and understandable to blame Meta for this, given the company’s much-deserved, less-than-stellar reputation on user privacy. In Pixel and other trackers, Meta has played an instrumental role in building the privacy-free, data-leaking online world we must navigate today. The company supplies a tracking system designed to suck up user data from millions of sites and spin it into advertising gold, and it knows very well that there are many cases where the tool was implemented poorly at best and abused at worst.

But this may also be a rare case of a Meta-related privacy scandal that isn’t entirely Meta’s fault, partly because Meta has done its best to place that blame elsewhere. Or, as security researcher Zach Edwards put it: “Facebook wants to have their data cake and not eat the violations, too.” Businesses choose to put Meta’s trackers on their websites and apps, and they choose again which data about their visitors to send up to the social media giant.

There’s simply no good excuse, in this day and age, for developers that use Meta’s business tools not to understand how they work or what user data is being sent through them. At the very least, developers shouldn’t put them on health appointment scheduling pages or inside patient portals, which users have every reason to expect not to be secretly sending their data to nosy third parties because they’re often explicitly told by those sites that they aren’t. Meta created a monster, but those websites are feeding it.

How Pixel makes tracking too easy

Meta makes Pixel available, free of charge, to businesses to embed in their sites. Pixel collects and sends site visitor data to Meta, and Meta can match this to a user’s profile on Facebook or Instagram, giving it that much more insight into that user. (There are also cases where Meta collects data about people who don’t even have Meta accounts.) Some data, like a visitor’s IP address, is collected by Meta automatically. But developers can also set Pixel up to track what it calls “events”: various actions users take on the site.

That may include links they click on or responses in forms they fill out, and it helps businesses better understand users or focus on specific behaviors or actions. All this data can then be used to target ads at those people, or to create what’s known as “lookalike audiences.” This involves a business asking Meta to send ads to people who Meta believes are similar to its existing customers. The more data Meta gets from businesses through those trackers, the better it should be able to target ads.

Meta may also use that data to improve its own products and services. Businesses may use Pixel data for analytics to improve their products and services as well. Businesses (or the third-party vendors they contract to build out their sites or run advertising campaigns) have a lot of control over what data about their customers Meta gets. The Markup discovered that, on some of the sites in its report, hospital website appointment pages were sending Meta the name of someone making an appointment, the date and time of the appointment, and which doctor the patient is seeing.

If that’s happening, that’s because someone on the hospital’s end set Pixel up to do that. Either the hospital didn’t do its due diligence to protect that data or it didn’t consider it to be data worth protecting. Or perhaps it assumed that Meta’s tools would stop the company from collecting or using any sensitive data that was sent to it. In its most recent hospital investigation, the Markup found that a third of the hospitals it looked at from a list of the top 100 hospitals in the country had a Pixel on appointment scheduling pages, and seven health systems had Pixels in their patient portals. Several of the websites removed Pixel after being contacted by the Markup.

How can a hospital justify any of this? The only hospital that gave the Markup a detailed response, Houston Methodist, claimed that it didn’t believe it was sending protected health information to Meta. The Markup found that the hospital’s site told Meta when someone clicked “schedule appointment,” which doctor they scheduled the appointment for, and even that the doctor was found by searching “home abortion.”

But Houston Methodist said scheduling an appointment didn’t mean the appointment was ever confirmed, nor that the person who scheduled the appointment was the person that appointment was actually for. Houston Methodist might think it isn’t violating patient privacy, but its patients may well feel differently. But they’d also have no way of knowing this was happening in the first place without using special tools or having a certain level of technical knowledge. Houston Methodist has since removed the Pixel.

Another health system the Markup looked at, Novant Health, said in a statement that the Pixel was placed by a third-party vendor for a campaign to get more people to sign up for its patient portal system, and was only used to see how many people signed up. But the Markup found far more data than what was being sent to Meta, including medications that users listed and their sexual orientations. That third-party vendor appears to have made some mistakes here, but Novant’s the one that has a duty to its patients to keep their information private on websites that promise to do so. Not the third-party vendor, and not Meta.

This is not to let Meta off the hook. Again, it created the Pixel tracking system, and while it has rules and tools that are supposed to prevent certain types of sensitive information — like health conditions — from being sent to it, the Markup’s reports are evidence that those measures aren’t enough.

Meta told Recode in a statement that “our system is designed to filter out potentially sensitive data it detects.” But the Markup found those filters lacking when it came to data from at least one crisis pregnancy center’s website. Meta didn’t respond to Recode’s questions about what it does if it finds that a business is violating its rules. Edwards, the security researcher, was even less charitable about how much blame Meta should get here. “It’s 100 percent Facebook’s fault, in my opinion,” he said.

Meta also didn’t respond to questions from Recode asking what it does to ensure businesses are following its policies, or what it does with the sensitive information businesses aren’t supposed to send it. As it stands, it looks as though Meta is making and distributing a tracking tool that can materially benefit Meta. But if that tool is exploited or used incorrectly, someone else is responsible. The only people who pay the price for that, it seems, are the site visitors whose privacy is unknowingly invaded.

What you can do to avoid Pixel

There are a few things you can do to protect yourself here. Browsers like Safari, Firefox, and Brave offer tracker blockers. Todd Feathers, one of the reporters on the Markup’s hospital story, told Recode they used Chrome browsers with no privacy extensions for their tests. Speaking of privacy extensions, you can get those, too. VPNs and Apple’s paid private relay service can obscure your IP address from the sites you visit.

Finally, Meta has controls that limit tracking and ad targeting off of its platforms. The company claims that turning off “data about your activity from partners” or “off-Facebook activity” will stop it from using data collected by Pixel from being used to target ads to you. This means placing some trust in Meta that its privacy tools do what it claims they do.

And there’s always, of course, asking your lawmaker to push for privacy laws that would make some of these practices explicitly illegal, or forcing companies to inform and get user consent before collecting and sending their data to anyone else. A few new federal privacy bills or draft bills have been introduced as recently as this week. The interest is there among some members of Congress, but not in enough of them to come close to passing anything yet.

Source: Meta’s latest privacy scandal includes hospitals sending patient data – Vox

More contents:

Mozilla slams a big Safari privacy feature, calling it ‘a poor trade-off’

Didi makes privacy fixes to ousted apps in run-up to restoring them – SCMP

14:40 Wed, 15 JunFirefox Browsers Internet
20:19 Thu, 16 JunFacebook Meta Internet
16:39 Sat, 18 JunData Protection
14:07 Fri, 10 Jun

More Remote Working Apps:     Quintex Capital   Genesis Mining   BevTraders  LiteTrading  prime stocks  content gorilla  stock rush  forrk  keysearch  gluten free  diet fitness diabetes  writing job  postradamus  stoodaio  profile mate  senuke   asin  appimize  super backdrop  audiencetoolkit  4brandcommercial  talkingfaces  socifeed  gaming jobs   backlinkindexer  powrsuite  tubeserp  PR Rage  design beast  commission smasher  MT4Code System  viral dash  coursova  fanpage  forex expert  appointomatic  woocommerce  domainname  maxslides  ada leadz  eyeslick  creaitecontentcreator  vidcentric  studioninja  marketingblocks  clipsreel  VideoEnginePro  BarclaysForexExpert  Clientfinda  Talkingfaces  IMSyndicator  SqribbleEbook  superbackdrop  VirtualReel  MarketPresso  voiceBuddy  tubeTargeter  InstantWebsiteBundle  soronity  DFY Suite 3.0 Agency+ information  VideoRobot Enterprise  Klippyo Kreators  ChatterPal Commercial  WP GDPR Fix Elite Unltd Sites  EngagerMate  VidSnatcher Commercial  myMailIt  Storymate Luxury Edition  iTraffic X – Platinum Edition  Content Gorilla One-time  Push Button Traffic 3.0 – Brand New  SociCake Commercial  The Internet Marketing  Designa Suite License  XFUNNELS FE Commercial  ShopABot  Inboxr  MediaCloudPro 2.0 – Agency  MyTrafficJacker 2.0 Pro+  AIWA Commercial  Toon Video Maker Premium  Steven Alvey’s Signature Series  Fade To Black  Adsense Machine  Diddly Pay’s DLCM DFY Club  CourseReel Professional  SociJam System  360Apps Certification  LocalAgencyBox  Instant Website Bundle  GMB Magic Content  PlayerNeos VR  BrandElevate Bundle information BrandElevate Ultimate WowBackgraounds Plus  Your3DPal Ultimate  BigAudio Club Fast Pass Podcast Masterclass  VideoGameSuite Exclusive AffiliateMatic  YTSuite Advanced  Xinemax 2.0 Commercial  Living An Intentional Life  BrandElevate Bundle Ezy MultiStores  DFY Suite 4.0 Agency  ReVideo  AppOwls Bundle  TrafficForU  WOW Backgrounds 2.0   ALL-in-One HD Stock Bundle   Viddeyo Bundle  The Forex Joustar

Credit Suisse To Tighten The Reins After String of Scandals

Credit Suisse will unveil a new centralized structure on Thursday in an attempt to bring its far-flung divisions to heel and draw a line under a string of scandals that have cost the Swiss bank billions of dollars, two sources said.

Over the past year, Credit Suisse has been fined for arranging a fraudulent loan to Mozambique, tarnished by its involvement with defunct financier Greensill, racked up $5.5 billion in losses when U.S. family office Archegos collapsed, and been rebuked by regulators for spying on executives.

Credit Suisse drafted in seasoned banker Antonio Horta-Osorio as chairman in April to stop the rot and he will lay out his charter to reform Switzerland’s second-biggest bank on Thursday when it presents third-quarter results.

One key change is expected to be the creation of a single wealth management division that caters to a global elite, centralizing oversight at the bank’s headquarters in Zurich, two people familiar with the matter told Reuters.

Under the current structure put in place six years ago, wealth management straddles three divisions: a Swiss business, an Asia-Pacific arm catering mainly to rich Chinese and an international arm based out of Switzerland.

Merging the wealth division would make Credit Suisse simpler and potentially pave the way for cost cuts.It would also rein in local bankers who have enjoyed much autonomy, making them more answerable to senior managers who have often been blindsided by the risks that triggered past scandals, the sources said.

One of the people told Reuters that managers at the bank’s headquarters had become very risk averse and they did not want to give leeway to local bankers, regardless of how much profit they were making. A spokesman for Credit Suisse declined to comment.

Credit Suisse’s financial humiliation stands in stark contrast to its cross-town rival UBS (UBSG.S). In the wake of massive losses and a bailout during the financial crisis, UBS successfully pivoted away from investment banking to wealth management and is now the world’s largest wealth manager with $3.2 trillion in invested assets.

Its shares have climbed 57% in the past 10 years while Credit Suisse has slumped 53% over the same period.Shareholders have deserted Credit Suisse this year following the slew of bad headlines. Its shares are down 12% while UBS is up 36% while Wall Street rivals are riding high on the back of a boom in equity trading and M&A.

Andreas Venditti, an analyst at Swiss private bank Vontobel, said it would take more than “minor changes and a new divisional set-up” at Credit Suisse to reverse the trend.The expected revamp at Credit Suisse has also encouraged some high-profile dealmakers to approach the bank’s senior management to suggest it merges with a rival, another person with knowledge of the matter said.

Those ideas have been rejected so far, however, the person said. Nonetheless, the prospect of a challenge by investors demanding the break-up of the bank, or that its shrinking market value makes it a target for a hostile foreign takeover, have long troubled managers, sources told Reuters earlier this year.


With a market value of $28 billion, Credit Suisse is worth less than half of UBS and a fraction of Wall Street giants such as JPMorgan (JPM.N) weighing in at half a trillion dollars. But an approach from the United States would not go down well in Switzerland. Relations between Swiss banks and Washington were damaged when the United States pressured them into giving up their strict secrecy code more than a decade ago.

A combination of Credit Suisse and UBS, which has been touted as an alternative alliance, would face its own problems. For one, it would dominate the Swiss market. Another source said that while Credit Suisse had examined a sale or spin-off of its asset management business, that had been shelved. The person said, however, that once further efforts were made to cut costs and boost growth, a sale, or listing of the business on the market, could be back on the cards.

The bank’s drive to centralize its operations is drawing on lessons from some of its recent failures, including Archegos. Earlier this year, Credit Suisse published a report blaming a focus on maximizing short-term profits and enabling “voracious risk-taking” by Archegos for failing to steer the bank away from catastrophe.

Despite long-running discussions about Archegos – by far the bank’s largest hedge fund client – Credit Suisse’s top management were apparently unaware of the risks it was taking.

The bank’s chief risk officer and the head of its investment bank recall hearing about it first only on the eve of the fund’s collapse. “There were numerous warning signals,” the report said. “Yet the business … failed to heed these signs.”

By and ,

Source: Credit Suisse to tighten the reins after string of scandals | Reuters


Related Contents:

B. H. Meyer; Hans Dietler (1899). “The Regulation and Nationalization of the Swiss Railways

Hill, Kelly (1999). Cases in Corporate Acquisitions, Buyouts, Mergers, and Takeovers. Gale. ISBN 0-7876-3894-3.

Atkinson, Mark (4 August 2000). “Swiss banks agree $1.25bn Holocaust deal”. The Guardian

Grant, Linda (19 August 1996). “Will CS First Boston Ever Win?”. Fortune. pp. 30–34. Archived from the original

Strom, Stephanie (30 July 1999). “Japan Revokes Credit Suisse Unit’s Banking License”. The New York Times.

Kandell, Jonathan (March 2012). “Swiss Banks Adjusting To Radical New Regulations”. Institutional Investor. Vol. 46 no. 2. p. 33.

Crawford, David (8 November 2012). “Germany Probes UBS Staff on Tax-Evasion Allegations”. The Wall

Owen Walker (30 July 2020). “Credit Suisse launches restructuring after trading profit boost

Deutsche Bank Ensnared by Billion-Dollar Malaysian Fund Scandal

A multi-billion-dollar fraud scandal perpetrated by an investment arm of the Malaysian government appears to have ensnared another major global financial institution — Deutsche Bank  (DBGet Report) — which already is reeling from massive restructuring efforts.

The Wall Street Journal reported on Thursday that the Justice Department is investigating whether the German lender violated foreign corruption or anti-money-laundering laws in its work for the 1Malaysia Development Bhd. fund, which included helping the fund raise $1.2 billion in 2014 as concerns about the fund’s management and financials had begun to circulate.

Download Now: To be a profitable investor you first need to know the rules. Get Jim Cramer’s 25 Rules for Investing Special Report

The investigation comes amid a massive overhaul of the Munich-based bank announced over the weekend, which includes layoffs in the thousands and the creation of a separate entity for bad loans, debt and other problem investments and holdings that have plagued the bank since the 2008 global financial crisis.

Investigators reportedly have been assisted by former Goldman Sachs executive, Tim Leissner, the Journal said, citing people familiar with the matter. Prosecutors have been investigating similar issues at Goldman, where Leissner, a former managing director, pleaded guilty last year to helping re-direct billions of dollars from the 1MDB fund.

A state economic-development fund, 1MDB turned into a major global scandal after billions of dollars were drained from it between 2009 and 2014, leading to multiple government investigations and the downfall of former Malaysian Prime Minister Najib Razak.

The Department of Justice has said the stolen money totals at least $4.5 billion and that it was used to pay bribes to government officials, pad a slush fund controlled by the former prime minister and purchase hundreds of millions of dollars in luxury goods and real estate.

Shares of Deutsche Bank were down 0.54% at $7.36 in early trading in New York on Thursday.


Source: Deutsche Bank Ensnared by Billion-Dollar Malaysian Fund Scandal – Report

Singapore Starts Probing Goldman Sachs for 1MDB Scandal


Singapore’s law enforcement authorities have extended their criminal probe against the Malaysian state investment fund 1Malaysia Development Berhad (1MDB) to include Goldman Sachs, according to a Bloomberg report.

Although the city-state’s authorities have been investigating Goldman Sachs’ involvement with the Malaysian scandal-plagued firm since 2017, now they are focusing on the firm’s local unit. The primary focus of the investigation is to see if Goldman’s Singapore subsidiary was involved in moving around $600 million acquired from the three controversial bond deal sales from 2012 to 2013.
The Scandal Explained

1MDB came under the limelight soon after its establishment in 2009, which was then chaired by the former Malaysian Prime Minister Najib Razak. Leaked financial documents surfaced that huge sums of money were borrowed via government bonds and syphoned into bank accounts in Switzerland, Singapore, and the US.

%d bloggers like this: