Date written: October 3, 2022
Facebook Pixel is an extremely common solution for marketers looking to measure traffic and increase conversions. Businesses can implement the Facebook Pixel as JavaScript code on their sites to track site visitors and dynamically provide content based on their browsing and site activities, such as length of time spent on a page or adding an item to their cart. The Pixel is typically encoded as part of the site header, meaning it likely appears on all pages of a site. Facebook Pixel is advantageous for marketers because if a site visitor has a Facebook account, Pixel matches them to their respective Facebook accounts and associates Pixel-collected data with that individual. Facebook Pixel tracks URLs and domains visited, devices used by site visitors, and is used to create “look-alike” audiences for advertising, all of which are helpful for a comprehensive marketing strategy.
Risks
In the last year, Facebook has come under fire for use of its Pixel for collecting sensitive patient data from hospital websites and financial aid applications on the Department of Education’s website. If the Pixel is installed on a page that collects personal information, that information is collected and associated with the user’s Facebook account (if they have one). This likely includes intake forms, job applications, appointment booking, and other types of free-form data collection.
While Facebook’s privacy policy requires businesses using the Pixel “to have the right to collect, use and share your information” before providing any data to Facebook, there appears to be no process by which Facebook affirms this lawful right with businesses that use the Pixel.
Best Practices
There are several ways in which marketing teams can work together with privacy teams to ensure that Facebook Pixel is being used responsibly and in accordance with best practices. First, identify whether Pixel is installed on the company’s site and whether it is necessary for the company’s marketing strategy. It may be better to take a privacy-preserving posture if metrics from the Pixel are not used or are not helpful. Second, identify pages on which the Pixel is installed. Pixels are typically installed in the header of every page of the site. If a page on the company’s site collects personal information (for example, a book appointment page or an intake form), work with the tech team to remove the Pixel from those pages. Third, if the company is using Facebook Pixel on some or all pages, include this information in your privacy and cookie notices and allow customized cookie preferences. Facebook’s privacy policy transfers risk of collection practices to each business, so complying with notice and choice requirements is essential.
If you have any questions, please feel free to reach out to us! Use the form below to schedule a free 30-minute consultation.