this post was submitted on 16 Jul 2023
49 points (100.0% liked)

Technology

12 readers
1 users here now

This magazine is dedicated to discussions on the latest developments, trends, and innovations in the world of technology. Whether you are a tech enthusiast, a developer, or simply curious about the latest gadgets and software, this is the place for you. Here you can share your knowledge, ask questions, and engage in discussions on topics such as artificial intelligence, robotics, cloud computing, cybersecurity, and more. From the impact of technology on society to the ethical considerations of new technologies, this category covers a wide range of topics related to technology. Join the conversation and let's explore the ever-evolving world of technology together!

founded 2 years ago
 

Meta captures everything from the information you give it when you sign up for accounts, to what you click on or like, who you befriend online and what kind of phone, computer or tablet you use to access its products

you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 22 points 1 year ago (2 children)

Not that I'm ever going to use the app, but I'd like to point out as to why the collection of this specific dataset is particularly dangerous.

Threads scrapes Health and Fitness information. Why is this a problem? Because Meta is already illegally scraping hospital websites for your records. Speaking as a data analyst, it doesn't take much (like one line of code in some cases) to match your Threads account to your hospital records in a database. To assume Meta isn't attempting to do so as we speak is naive - there's simply too much money to be made.

In an age where we've had to start underground railroads to help women across state lines to keep the right to choose, combined with the push from the far right to criminalize helping them, this sets up a frightening scenario:

Meta finds that you've scheduled an abortion through the hospital across state lines. With Threads on your phone, they can now track you as you travel to that appointment. It only takes one more step, or a law like this one tailored towards abortion, to notify law enforcement to pick you up enroute.

Combined with Meta's overall right-leaning politics, it just doesn't make sense to make yourself vulnerable to them, especially if you're a member of a minority population or have any sort of health condition. There's simply too much potential for abuse, and Meta has shown itself more than willing to abuse its users.

[–] [email protected] 4 points 1 year ago (2 children)

Because Meta is already illegally scraping hospital websites for your records.

Sorry, but this is just bad web design from the hospitals. This pixel tool doesn't magically appear on websites without being put there deliberately. Literally any tracking tool can capture this stuff on any page that a developer puts it on. This is 100% the fault of the programmer at the hospital (or the admin that made them do it) that decided to put tracking cookies on sensitive pages.

The hospital administrators decided it was more important to get their precious reports on usage from Meta's portal than protecting their patients.

I'm pissed that I've had to defend Meta here, but this one isn't on them.

[–] [email protected] 9 points 1 year ago (1 children)

If I leave my door unlocked while I'm gone, and you come in and steal my laptop, it's still theft. Yes, I'm an idiot, but you're still a criminal.

That being said, I fully agree with you that the hospitals should bear equal fault - the lack of protections around patient records is criminal, and I'd really like to see those whose records were exposed sue both the hospitals at fault and Meta, or better yet, a criminal case from the FTC and the Department of Health.

Not likely, I know, but I'm a dreamer.

[–] [email protected] 5 points 1 year ago (1 children)

Not trying to be a hater, but that analogy isn't quite right. The web designers didn't leave their door unlocked. They invited Meta in, put their laptop in Meta's hands, and then said "Please take this. Enjoy." They weren't idiots. They chose to give Meta that data deliberately.

Medical institutions need to be held to account as much as Meta does for everything they do. I agree with that completely.

[–] [email protected] 7 points 1 year ago* (last edited 1 year ago)

So now you got me digging into this because I take an absurd amount of pride in my analogies, and it looks like the Meta Pixel tech they embedded was basically like the standard Google Analytics tracking tag on most websites. The hospitals were stupid to install it on their password protected pages, but they were also misled in the fact that Meta's Pixel took far more data than a standard tracking tag, claimed they weren't tracking sensitive data when they were, then claimed to filter the data even though their engineers admitted they couldn't:

The Markup was unable to confirm whether any of the data referenced in this story was in fact removed before being stored by Meta. However, a recent joint investigation with Reveal found that Meta’s sensitive health information filtering system didn’t block information about appointments a reporter requested with crisis pregnancy centers.

Internally, Facebook employees have been blunt about how well—or not so well—the company generally protects sensitive data.

“We do not have an adequate level of control and explainability over how our systems use data, and thus we can’t confidently make controlled policy changes or external commitments such as ‘we will not use X data for Y purpose.’ ” Facebook engineers on the ad and business product team wrote in a 2021 privacy overview that was leaked to Vice.

So, to perfect the analogy, this would be like a hotel installing security cameras in their rooms, and then finding out the company that makes the cameras and runs the network is selling porn starring its customers. Not only that, now that the porn is in their system, it can't be adequately filtered or removed.

The hotel is stupid and liable, but the security company is just flat out vile.

Ok, I'm done. Have an upvote for putting up with that ;)

[–] [email protected] 5 points 1 year ago* (last edited 1 year ago) (1 children)

Someone on my Mastodon feed put this best: People who aren't tech saavy STILL deserve privacy, security and safety.

Hospitals are full of people who understand medicine, not tech. Because that's what they are. Administrators don't even know what to ask to hire a good tech person, and when a tech person gets in there any change they make has a danger of disrupting livesaving systems so they can't do anything anyway. It sucks, but HIPAA still says those records are private and you're not supposed to be looking at them without having a good reason to. The hospitals are liable for not protecting them properly, but Meta is still in the wrong and still breaking the law by scarping for them.

Ultimately, this is everyone's fault but the patients and the patients are the people who are wronged by it.

[–] [email protected] 2 points 1 year ago

Can't say I disagree with your take.

[–] [email protected] 4 points 1 year ago (1 children)
[–] [email protected] 1 points 1 year ago

IKR? It's like 1984 and the Handsmaid's Tale got together and are talking about having kids....