Ever get the feeling digital ads know what you’re whispering at home or even thinking?
Well, buckle up because here’s a juicy tidbit. An investigation by TechCrunch spilled the tea that the U.S. Postal Service (USPS) was cozying up with tech giants like Meta and LinkedIn by sharing its online customers’ addresses.
On Wednesday, USPS finally fessed up, announcing it had stopped this sneaky info-sharing. Naturally, they claimed they had no idea this was going on.
TechCrunch uncovered that USPS was using tracking pixels on its website. Tracking pixels are embedded in web pages and emails and appear as tiny, hidden, or transparent 1×1-pixel images used to monitor user activity. Tech and advertising companies employ tracking pixels to primarily stalk your every move.
For USPS, the data breach included the postal addresses of logged-in users of the Informed Delivery Service, which allows users to preview photos of their incoming mail.
In their statement, USPS declared: “The Postal Service leverages an analytics platform for our own internal purposes so that we understand the usage of our products and services and which we use on an aggregated basis to market our products.”
USPS added that the Postal Service does not sell or provide personal information collected from its analytics platform to any third party. According to them, they were unaware that the platform was configured to collect personal information from URLs and share it with social media without their knowledge.
A Facebook spokesperson responded, noting that their policies state advertisers should not send sensitive information about people through their Business Tools. They emphasized that this practice is against their policies, and they educate advertisers on properly setting up these tools to prevent such occurrences. They also mentioned that their system is designed to filter out potentially sensitive data it can detect.
TechCrunch’s detective work revealed the USPS website was sending logged-in users’ postal addresses to Meta, LinkedIn, and Snap. The USPS site scooped up and sent customers’ addresses and other juicy details, like computer and browser info, to these companies. Even though this data was “partially pseudonymized,” it can still identify individuals.
And it gets better. Tracking numbers entered on the USPS site were shared with advertisers like Bing, Google, LinkedIn, Pinterest, and Snap, including real-time location data of mail, all without the users even logging in.
While the full extent of the data grab remains murky, Informed Delivery had over 62 million users as of March 2024.
