patrick.net
An Antidote to Corporate Media
1,358,600 comments by 15,735 users - TheAntiPanicanLearingCenter online now
Report: Third of top hospitals' websites collecting patient data for Facebook.
2022 Jun 17, 6:28am 215 views 2 comments
Comments 1 - 2 of 2 Search these comments
1
Patrick
2022 Aug 5, 5:16pm
Patrick
2022 Aug 5, 5:16pm
https://astralcodexten.substack.com/p/your-book-review-progress-and-poverty/comment/1752214
Sounds good to me, but I'd bet it would be found illegal to reverse-engineer those proprietary protocols.
"One way to peacefully attack the tech behemoths is protocol extraction—analyzing and reconstructing the secret protocols that their apps use between client and server.
If these secrets were open to the world, any fool could write a Facebook client. This would set another power against Facebook: the power of the client against the server. For example, Facebook would struggle to force third-party clients to show its ads; even worse, multi-server clients would emerge and become the user’s true center of gravity, making it easy to switch servers and destroying the lock-in that is Facebook’s capital.
Obviously, these superior clients—a whole marketplace replacing a captive monopoly—would create immense consumer surplus. What Facebook has been doing is tying its monopoly in one market—social servers—to a monopoly in another—social clients. These are two separate lines of business that, if the Internet was used as the network it was supposed to be—a network of open protocols—would not be connected at all.
Obviously, this is exactly what antitrust law was meant to prevent. Obviously, the right remedy would be for a judge to order Facebook, or Congress to require all big social companies, to simply disclose the specifications for their internal APIs—and handle any packets matching these specifications, regardless of what software sent them. Congress could turn every app into an API, creating a Cambrian explosion of clients— not to mention a huge number of good American code-monkey jobs.
Sounds good to me, but I'd bet it would be found illegal to reverse-engineer those proprietary protocols.
2
richwicks
2022 Aug 5, 5:25pm
richwicks
2022 Aug 5, 5:25pm
Patrick says
It's pretty much impossible to do this. Your device for accessing facebook is just a display, all the computation is done on the server.
What can be done, pretty easily, is detecting just where data is being transferred, and cut that off.
Sounds good to me, but I'd bet it would be found illegal to reverse-engineer those proprietary protocols.
It's pretty much impossible to do this. Your device for accessing facebook is just a display, all the computation is done on the server.
What can be done, pretty easily, is detecting just where data is being transferred, and cut that off.
Called the Meta Pixel, the tracker is an analytics tool Facebook’s parent company offers website owners. In exchange for social media advertising information, the tracker sends the tech company data on users’ IP addresses and webpage activity.
The Markup reviewed the appointment scheduling webpages of 100 leading hospitals and found the Meta Pixel on 33, according to the report. These hospitals collectively saw over 26 million patient admissions and outpatient visits in 2020, per American Hospital Association survey data cited by the publication.
The group also found the tracker within the password-protected patient portals of seven major health systems, five of which they were able to document sending the personal data of real volunteer patients.
IP addresses, doctor names, appointment times, medication information, search terms and connections to users’ Facebook accounts were all among the data being collected and sent to the tech company, according to the report, which was co-published with digital publication Stat. There were reportedly no specific contracts or other evidence that patients were providing consent to these data being collected.
Health privacy consultants and advocates cited in the report said they were troubled by the data collection practices but stopped short of definitively declaring the tracker to be a HIPAA violation.
The organization reached out to the hospitals and health systems that had the Meta Pixel on their webpages. As of the time of the report’s publication, seven hospitals and five health systems had removed the Meta Pixel from their webpage after being contacted.
Some reportedly replied to inquiries by referencing safeguards installed by Facebook to filter out sensitive health data prior to transmission. Some of these organizations still removed the tracker from their webpages.
The Markup noted a February investigation from the New York Department of Financial Services reporting the poor accuracy of Facebook’s sensitive data filtering system.
Facebook parent company Meta did not respond to questions from The Markup regarding how the data were being used but referenced its policy to remove potentially sensitive health data via the filtering tool.
Facebook also acknowledges that the Meta Pixel and other tracking tools collect users’ personally identifiable information in its business tools terms of service.
https://www.fiercehealthcare.com/health-tech/report-third-top-hospitals-websites-collecting-patient-data-facebook