Uber and Lyft unintentionally sent gig workers’ SSN numbers to Meta and TikTok, new Northeastern research uncovers.
When a person applies to work for Uber or Lyft they must fill out several online forms detailing important information, including their date of birth and their driver’s license.
New Northeastern research has revealed that until just recently those ride-hailing companies had been unintentionally sending that data to TikTok and Meta — two of the world’s largest social media companies.
David Choffnes, a Northeastern University professor of computer sciences and cybersecurity expert, is one of several researchers who uncovered security issues with tracking pixels, which are analytics tools that follow users around the web.
Tracking pixels are small lines of code embedded in images on a site’s interface. They allow companies to see users’ behavior and collect valuable information for advertising efforts.
“Almost every website you visit these days has trackers on it,” Choffnes says. “If you ever wondered if you’ve been on Facebook or Instagram and you see ads that were very relevant to a website you were just looking at, it’s because Meta, the parent company, has trackers on a bunch of websites. They know who you are and what websites you are visiting. The same is true for TikTok. The same is true for Google, and a number of other companies in that marketplace.”
/cdn.vox-cdn.com/uploads/chorus_asset/file/25728923/STK133_BLUESKY__A.jpg)
