Some congressional Democrats say three large tax preparation firms sent “extraordinarily sensitive” information on tens of millions of taxpayers to Facebook parent company Meta over at least two years. Their report issued Wednesday urges federal agencies to investigate and potentially go to court over the information H&R Block, TaxAct and Tax Slayer shared with the social media giant. In a letter to the heads of the IRS, the Justice Department, the Federal Trade Commission and the IRS watchdog, the lawmakers say the findings “reveal a shocking breach of taxpayer privacy.” The tax prep companies say they take the privacy of their customers seriously.
Not Meta malicious activity this time, just the creepy tracking that happens on every website for marketing purposes. It’s the tax companies that specifically configured it to take in extra data - your tax data.
Pixel is used to track things like what page you came from, your IP, your facebook tracking cookies, what buttons you click on when, etc… It’s creepy when you think about it, but fairly typical marketing tracking used by websites to try to optimize people actually buying things when they land on the website, or tracking what sites/ads people click on to get to the site and whether those referring sites generate sales.
However, pixel can be configured to also capture the data you fill out on a form displayed on a website and it appears these tax preparation companies did that. Someone at each of those companies had to configure each of the additional fields to capture in order to cause that data to be sent to Meta, and they should have known better.