Loading...
Loading...
Investigations show nearly all 20 U.S. state-run health insurance marketplaces exposed applicants’ sensitive information to major ad-tech firms via web tracking pixels. Data fields reportedly shared — sometimes incompletely redacted — included citizenship status, race, sex, ZIP codes, incarceration-related answers, and contact identifiers, sent to Google, Meta, LinkedIn, Snap and TikTok. The disclosures prompted immediate removals and pauses of some trackers and sparked concerns about privacy, legal compliance and security on government healthcare sites. The episode underscores broader tensions between analytics/advertising practices and protecting sensitive user data on public-interest platforms, prompting calls for stronger controls and oversight.
State-run US healthcare marketplaces transmitted sensitive citizenship, race, and other personal data to major ad tech companies via tracking tools embedded on enrollment websites, according to reporting. The data-sharing involved firms such as Meta and Google (identified through their trackers) and occurred when people checked eligibility and enrollment pages, potentially exposing immigration status and health-related decisions to advertisers. Privacy advocates warn this creates serious risks for vulnerable populations and may violate health privacy expectations; it also underscores gaps in how government digital services use third-party analytics. The findings matter for regulators, health IT teams, and platform providers because they highlight systemic privacy design failures with high-stakes personal data.
Bloomberg found that nearly all 20 U.S. state-run health insurance marketplaces leaked applicants' sensitive data to major ad tech firms via third-party tracking pixels. Investigators reported that Google, LinkedIn, Meta, Snap and TikTok received information from exchanges — including citizenship, incarcerated family members, sex, race, ZIP codes, email and phone — when trackers were misconfigured on enrollment sites. Washington, D.C. paused a TikTok pixel rollout after partial redaction failures, and Virginia removed Meta’s tracker after ZIP code sharing was revealed. The findings highlight ongoing privacy risks when analytics and advertising scripts are placed on sites handling health data, with compliance and data governance implications for public-sector tech stacks.
Bloomberg found that nearly all 20 U.S. state-run health insurance marketplaces leaked applicants' data to major ad-tech companies through web tracking pixels. Exchanges reportedly passed sensitive fields — including citizenship, incarceration-related answers, sex, race, ZIP codes, email and phone identifiers — to Google, Meta, LinkedIn, Snap and TikTok, with some attempts at redaction incomplete. Washington, D.C. paused its TikTok pixel rollout and Virginia removed Meta’s tracker after the disclosures. The investigation highlights how misconfigured analytics and advertising pixels on government healthcare sites can expose protected health-related information at scale, raising privacy, compliance and security concerns for millions using public insurance exchanges. This amplifies ongoing regulatory and technical challenges around tracker use on sensitive web properties.
US healthcare marketplaces shared citizenship and race data with ad tech giants