Social Media Sites Got Information from Ad Trackers on US State Health Insurance Sites (gizmodo.com) 29
All 20 of America's state-run healthcare marketplace sites "include advertising trackers that share information with Big Tech companies," reports Gizmodo, citing a report from Bloomberg:
Per the report, seven million Americans bought their health insurance through state exchanges in 2026, and many of them may have had personal information shared with companies, including Meta, TikTok, Snap, Google, Nextdoor, and LinkedIn, among others. Some of the data collected and shared with those companies included ZIP codes, a person's sex and citizenship status, and race.
In addition to potentially sensitive biographical details about a person, the trackers also may reveal additional details about their life based on the sites they visit. For instance, Bloomberg found trackers on Medicaid-related web pages in Rhode Island, which could reveal information about a person's financial status and need for assistance. In Maryland, a Spanish-language page titled "Good News for Noncitizen Pregnant Marylanders" and a page designed to help DACA recipients navigate their healthcare options were found to be transmitting data to Big Tech firms...
Per Bloomberg, several states have already removed some trackers from their exchange websites following the report.
Thanks to Slashdot reader JoeyRox for sharing the news.
In addition to potentially sensitive biographical details about a person, the trackers also may reveal additional details about their life based on the sites they visit. For instance, Bloomberg found trackers on Medicaid-related web pages in Rhode Island, which could reveal information about a person's financial status and need for assistance. In Maryland, a Spanish-language page titled "Good News for Noncitizen Pregnant Marylanders" and a page designed to help DACA recipients navigate their healthcare options were found to be transmitting data to Big Tech firms...
Per Bloomberg, several states have already removed some trackers from their exchange websites following the report.
Thanks to Slashdot reader JoeyRox for sharing the news.
Is anyone surprised? (Score:1)
When the tech firms got involved with creating these sites in the first place, it wasn't out of the goodness of their CEOs' (non-existent) hearts...
Bitches (Score:2)
It was about getting a government contract, to which could have been added stipulations about data collection, but they weren't.
After a few decades of that, the tech companies get to thinking the government is their bitch, and then we get into the situation we have now.
I do think people subconsciously recognize this. They want to get the bitches that fold, out of government. They saw Trump as "not anyone's bitch" (incorrect, btw) and that was a big plus. Hillary and Kamala were perceived as - if I may use t
Re: (Score:2)
Hillary is most definitely a bitch, and a dominatrix to boot. The only reason she got nominated was because, "It's my turn!" Kamala struck me as more of a bimbo, and a bit submissive as well, with her "Whatever Biden wants is OK with me." attitude.
Why? (Score:5, Interesting)
Re:Why? (Score:4, Insightful)
A lot of the automated "site-builder" tools include these trackers by default. Some of the trackers (like the Google one) are useful for site-operators to track metrics (# of individual visitors vs repeat visitors, referring source, etc.)
If you build your own site from scratch, and know how to code, you probably would not include them in anything sensitive like this. But if you are just a guy who's boss said "Make it so" and searched for "how to build a website", well... here we are.
Re: Why? (Score:1)
A lot of the automated "site-builder" tools include these trackers by default. Some of the trackers (like the Google one) are useful for site-operators to track metrics (# of individual visitors vs repeat visitors, referring source, etc.)
A reasonable explanation/theory, but based on the ab-so-lute-ly ludicrous money spent to create these federally-funded websites, why were they relying on, as you describe them , "automated site builder tools"?
The time and cost involved reminded of the story around the build-out of Xerox PARC - they started with nothing, had to invent their workstations and invent a means to network those machines, then design and build the physical servers the sites ran on...
Bottom line, including tools to capture metrics a
Another reason to use Brave+Ublock Origin (Score:1)
Re: (Score:1)
That's fine when you're interacting with informational websites where it doesn't really matter if the site works as intended. I've found that half the storefronts and interactive sites don't. For something like an insurance enrollment, I would not expect it to function without disabling Ublock or Noscript.
In many ways Government = Church (Score:2)
That's small stuff (Score:4, Insightful)
Re:That's small stuff (Score:5, Interesting)
people are forced to send their identity to an unaccountable non-government third party
Forced to? I use the US Mail for all dealings with the government. As far as they know, I have no Internet. If they mandate that, they can pay for the service and buy me a nice (top of the line) laptop.
Re: (Score:2)
No, you will simply cease to exist.
Whoo hoo! No more income taxes.
Re: (Score:2)
If they don't know where I'm getting it, how can they cut me off?
Re: (Score:2)
Re: (Score:2)
I had to sign up for ID.me
Why sign up with an ID service in Montenegro?
Re: (Score:2)
Note that not signing up for your IRS online account (and others, like social security) comes with its own risk - it makes it easier for a someone else to claim that account, and then redirect the payments and correspondence to to themselves.
Yes, there are checks and safeguards to try to prevent this, but
a) Authentication is a very hard problem to solve.
b) Much of the privileged data used for this authentication was just given to Palantir et. al. by the DOGE assholes.
Re: (Score:2)
and then redirect the payments and correspondence to to themselves
I fix my taxes so I always have to send some money to them on the Ides of April. I think things would be worse if I signed up for online service and then it was intercepted. At least without doing so, I can claim that any online correspondence must be bogus. Prove otherwise.
The Internet is for cat videos. Not real business.
Re: (Score:2)
Cute, but wrong: "In March, July, October, May, the Ides come on the fifteenth day. The Nones the Seventh; all the rest are two days less for Nones and Ides." The Ides of April come on April 13, not 15.
Re: That's small stuff (Score:1)
As this story is about healthcare exchanges, you might have a hard time finding a printed application form.
I don't think they support a model where:
- you send in your demographic info,
- they send you a list of choices based on your information,
- you mail them your selection from the list provided,
- they send you a confirmation letter in the mail.
I don't think the open-enrollment window is long enough to facilitate that interaction.
Re: (Score:2)
I don't think the open-enrollment window is long enough to facilitate that interaction.
That really no longer exists.
"Call with your zip code ... zip code ... zip code. And we'll find some loophole to enroll you any time of the year."
you send in your demographic info,
That's basically the zip code they keep bugging you about. And maybe a few details they can collect over the phone. The rest of the stuff, by mail*, is exactly how I signed up.
*I like mail. Because we have had decades of legal precedent around mail fraud formed. Wire fraud, as it applies to the Internet, not so much. Insurance brokers' attorneys will probably ar
Re: (Score:2)
And that's why law firms still use faxes. You can fax somebody a document a few minutes before midnight on the last day and you're considered to have them in on time as long as the originals go out in the mail the next day.
tell your browser to send a don't track signal (Score:3)
also, use NoScript:
https://noscript.net/ [noscript.net]
https://noscript.net/getit/ [noscript.net]
Used to be illegal to release medical info then ca (Score:2)
Re: (Score:2)
It's still illegal. Enforcement, however, has always been a problem.
Re: Used to be illegal to release medical info the (Score:1)
I think you're being a bit aggressive in your HIPPA explaination.
They aren't sharing specific, identity-revealing medical information about anyone.
Knowing that a user visited a website for pregnant, low-income DACA participants doesn't confirm the user is pregnant, low-income, or enrolled in DACA.
It's like saying by observing someone walk into an abortion clinic that violates HIPPA because now I know they are pregnant. I can prove no such thing from that visit - they could work at the clinic, they could be
Re: Used to be illegal to release medical info th (Score:1)
Knowing that a user visited a website for pregnant, low-income DACA participants doesn't confirm the user is pregnant, low-income, or enrolled in DACA.
Technically (and probably legally) you are right, but it doesn't work like that in reality. Let's say that just 80% of the users that visited the website are pregnant, low income, etc. It doesn't matter whether you can make individual assessments. A company buying the data can spam, or increase/refuse insurance, loans, etc if it deems that it is more profitable to lump that 20% of non-pregnant with them. It doesn't matter if they managed to individually assess each individual of that 80%, they are now corre