Kroger Sued for Sharing Sensitive Health Data With Meta – The Markup
themarkup.orgTwo proposed federal class action lawsuits, filed in the wake of a Markup investigation, accuse the grocer of disclosing private data through its online store and pharmacy
Kroger, the largest supermarket chain in the U.S., is being sued in federal court for the unauthorized sharing of personally identifiable information and health data with Meta.
Two different proposed class-action lawsuits were filed on Nov. 10 and Nov. 13 in the Southern District of Ohio, Western Division. The plaintiffs, both from Ohio, are anonymous. Illustration of a grocery store basket on a conveyer belt, filled with various objects including smiley faces, location pins, credit cards, data blocks, envelopes and receipts.
When you use supermarket discount cards, you are sharing much more than what is in your cart—and grocery chains like Kroger are reaping huge profits selling this data to brands and advertisers February 16, 2023 08:00 ET
The suits alleged that Kroger essentially ”planted a bug” on its website, which includes an online pharmacy, and was “looking over the shoulder of each visitor for the entire duration of their Website interaction.” That “bug” refers to the Meta Pixel and the other trackers Kroger used on its website. The Nov. 10 suit claimed that as a result, Kroger leaked details of which medications and dosages a patient sought or purchased from Kroger’s pharmacy, which then allowed “third parties to reasonably infer that a specific patient was being treated for a specific type of medical condition such as cancer, pregnancy, HIV, mental health conditions, and an array of other symptoms or conditions.”
In February, The Markup revealed that Kroger collects extensive data through its loyalty program. The investigation detailed Kroger’s use of the Meta pixel on kroger.com, including how the company sent information to Meta when a pregnancy test was added to a virtual shopping cart. A similar example was included in the Nov. 10 lawsuit, showing that Meta is informed when a user searches on Kroger.com for Plan B contraceptives. The Nov. 13 lawsuit, in trying to establish the harms of “mishandling medical information,” also cited a Markup story on hospital websites disclosing sensitive information to Meta through the pixel.
Both suits claim that the use of Meta’s tracking pixel violates the Electronic Communications Privacy Act, the Health Insurance Portability and Accountability Act (HIPAA) and Ohio state laws covering health information and privacy. They both cite warnings from the Federal Trade Commission and the Department of Health and Human Services against improper disclosure of personal health information online.
Kroger did not respond to a request for comment.
Attorneys for the plaintiffs either declined to comment or did not respond.
The Markup has reported extensively on sensitive information shared to Meta through the pixel, including by education technology providers, crisis mental health hotlines, hospitals, tax preparation companies and student financial aid providers.
link: https://themarkup.org/privacy/2023/11/27/kroger-sued-for-sharing-sensitive-health-data-with-meta
A place to discuss privacy and freedom in the digital world.
Privacy has become a very important issue in modern society, with companies and governments constantly abusing their power, more and more people are waking up to the importance of digital privacy.
In this community everyone is welcome to post links and discuss topics related to privacy.
Some Rules
- Posting a link to a website containing tracking isn’t great, if contents of the website are behind a paywall maybe copy them into the post
- Don’t promote proprietary software
- Try to keep things on topic
- If you have a question, please try searching for previous discussions, maybe it has already been answered
- Reposts are fine, but should have at least a couple of weeks in between so that the post can reach a new audience
- Be nice :)
Related communities
Chat rooms
-
[Matrix/Element]Dead
much thanks to @gary_host_laptop for the logo design :)
- 0 users online
- 57 users / day
- 383 users / week
- 1.5K users / month
- 5.7K users / 6 months
- 1 subscriber
- 2.44K Posts
- 57.6K Comments
- Modlog
In 10 years: congratulations, you won. Here’s 5% of the profits we made on this which after the lawyer’s fees comes down to… $5 each. Enjoy.
I was confused for a second asking myself when Kroger was split into Kroger Sued and Kroger Nord.
They don’t even pretend anymore…
They just act like we are stupid fucking peasants and daddy Sam let’s them abuse us.
We are stupid fucking peasants as they have regulatory capture so they know the worst that will happen is they get a small slap on the wrist. Most people don’t actually care and those that do don’t have the money to buy the laws that we need.
Why waste time pretending when it doesn’t make 2 cents of difference. It is just a waste of money.
You are falling for daddy’s trick biggest trick…
Sure plebs have no political power but there are two things left: Personal direct action and organizing both as consumers and workers.
While with things like food shelter medical, not much choice left. With other products, people can vote with money. People can limit how much data they let out.
People can job hop, demand higher wage, this is mostly limited to older, higher paying folk but them doing this helps everyone.
Finally, organize as consumers and labour.
I see voting being pushed as solution, you can keep voting but don’t be naive haha
Funnily enough people who push voting as the only solution will down vote direct action posts into oblivion. I am starting to assume the poltiics crowds are indeed either bad actors, ie bots or shills.
Fascism is not holding [us] back… shit wages, healthcare and hi prices are tho
Hey! That’s UNCLE daddy Sam to you! Now go apologize to Aunt Mommy-sister.
Bruncle Sam
ohh punish me harder, daddy
This is why I stick to Krogan owned sites
I hope more people employ writing like this when discussing privacy issues on websites. The idea that a third party can metaphorically “look over your shoulder” and record your data on an otherwise secure website is as bad as it’s made out to be.
Compliance with legislation and common decency: optional
It’s more profitable to break the law. Until that changes it’s all downhill from here.
Flat fines are such bullshit
Needs to be either a percentage of yearly gross revenue averaged over the last 5 years, or a multiple of whatever they stood to gain from the policy (not just the individual plantiff).
Whichever is higher.
And don’t let them write it off. You still have to pay taxes on the fine