A lawsuit filed in California on March 15 accuses Facebook, along with a number of high profile healthcare systems and websites, of violating HIPAA and users’ privacy. Initially, this seemed ridiculous, but on reviewing the complaint, there are some interesting and unexpected conclusions to be found.
What did Facebook (allegedly) do?
It turns out when you put Facebook’s “Like” button on a page on your website, it acts like an analytics tracking code – communicating information about the page you’re visiting to Facebook. This information is not just available to Facebook when you click that “Like” button, but as soon as it’s loaded on the page! Facebook is able to connect this information with your profile through a variety of mechanisms and uses it to profile you into some of its 154 health-related segments.
There are a few things the Plaintiffs see wrong with this arrangement.