On September 7, 2023, Judge William H. Orrick of the United States District Court for the Northern District of California denied in part Meta’s motion for dismiss in this putative consumer protection class action, allowing Plaintiffs’ claim that Meta violated the Electronic Communications Privacy Act (ECPA), as well as Plaintiffs’ breach of contract, duty of good faith and fair dealing claims.
Plaintiffs allege that Meta, through its proprietary Meta Pixel tool, intercepts and transmits protected patient health information to Meta platforms and third-party advertisers in violation of federal and California consumer protection and wiretap laws, including the Federal Wiretap Act, California Invasion of Privacy Act, and California’s Unfair Competition Law.
On December 21, 2022, the Court appointed Cohen Milstein Interim Co-Lead Class Counsel.
Plaintiffs allege that Meta violated their medical privacy through its Pixel tracking tool, which is being improperly used on hospital websites resulting in the wrongful, contemporaneous, re-direction to Meta platforms of patient communications to register as a patient, sign-in or out of a supposedly “secure” patient portal, request or set appointments, or call their provider via their computing device. This unlawful collection of data is done without the knowledge or authorization of the patient, like Plaintiffs, in violation of federal and state laws as well as Facebook’s own contract with its users.
Specifically, Plaintiffs allege that when a patient communicates with a health care provider’s website where the Meta Pixel is present on the patient portal login page, the Meta Pixel source code causes the exact content of the patient’s communication with their health care provider to be surreptitiously re-directed to Meta in a fashion that identifies them as a patient.
Meta monetizes the information it receives through the Meta Pixel deployed on medical providers’ web properties by using it to generate highly profitable targeted advertising on- and off-Meta platforms.
Through its account managers and representatives, Meta is aware that it is receiving patient data from hundreds of different medical providers in the United States without patient knowledge, consent, or valid HIPAA authorizations.
To date, through experts, Plaintiffs have identified at least 664 hospital systems or medical provider web properties where Meta has received patient data via the Meta Pixel.
Plaintiffs originally filed their lawsuit on June 17, 2022. Cohen Milstein joined the litigation on August 18, 2022.
Case name: In re Meta Pixel Healthcare Litigation, Case No. 22-cv-03580, United States District Court for the Northern District of California