A recent investigation found some major US tax filing services are sending sensitive customer data to Meta.
The Markup reports five big-name tax filing services are using the Meta pixel tool on their web sites to send some combination of personal data such as names, email addresses, income, filing status, refund amounts, and dependents’ college scholarship amounts to Facebook for targeted advertising. Some of the agencies are sending similar information to Google, according to the report.
The Markup claims some of the data was collected under the default settings of Meta pixel, while some “appears to arise from customizations made by the tax filing services, someone acting on their behalf, or other software installed on the site.”
While some of the data is obfuscated, it is reversible and useful to Facebook and Google and their advertising-dependent businesses.
The tax filing agencies file tens of millions of US customer tax returns each year.
US regulations prevent using information received from taxpayers for anything “beyond immediately facilitating filing” without signed consent from the user.
When contacted by The Markup, each of the five agencies removed or modified the pixel on their web sites. Some continued to send some data to Facebook and Google. Here’s the article on the investigation by The Markup to get you in the picture.
What is the Meta pixel?
The Meta pixel is a freely available Meta “business tool.” It’s a small piece of JavaScript code that any business can embed on their website to track visitor activity.
According to the Electronic Frontier Foundation, the practice of using Meta pixel is “ubiquitous” across the web. In fact, in 2018 Facebook told Congress the pixel was embedded in 2 million web sites, which The Markup points out is “a massive data-harvesting operation most internet users never see.”
Meta says it limits the types of data it will collect via the pixel, it doesn’t want sensitive financial information, and filters out sensitive information. Google says similar. But as The Markup found, the data is still going to the ad giants.
What can you do?
This type of privacy breach by everyday service organizations such as electronic tax filing agencies raises the question of who we can trust online. Would you have imagined your personal financial and family information from your tax return being yet another data input to the digital advertising machine?
Unfortunately, we can’t hide our personally identifiable information from our tax agent. We must use our own details and, if we use an online tax filing service, we’re willingly putting our information out there. Of course, that doesn’t mean users are at fault, and The Markup report quotes Mandi Matlock, tax law lecturer at Harvard Law School, as saying, “It’s frustrating because taxpayers have been pushed into the arms of these private, for-profit companies simply to comply with their tax filing obligations,” she said. “We have no choice, really, in the matter.”
That said, if you’re using Sudo digital identities for everything else you do online (e.g. booking travel, subscribing to streaming services, buying gifts in the holiday sales etc.) you’ve broken the data trail that is useful to Facebook and Google (and others) and made it more difficult for them to track and correlate your habits and information into any sort of valuable consumer profile.
If you’re diligently using your Sudo personas online, you’ll be using different information from the information the tax service might give to Facebook or Google or anyone else.
As creepy as it is that Facebook and Google might have your personal tax information, it’s not as valuable to them as it might otherwise be because they can’t correlate it to your other online activities.
Read why compartmentalizing your personal data is easy with MySudo.