[austinpena]

Something is off here. When PII data is shared with Facebook, it gets hashed before it gets sent. In fact, Facebook warns you if you are “leaking” PII in places like URL parameters that get picked up by their tracking pixel.

If they discover pageview events with PII in them, they throw them out.

I’m not justifying that hashed data is okay… but clear text data is not received or stored by Facebook via a Facebook Pixel, or their conversions API.

[flomo]

As of a few years ago, this was not the case. The facebook conversion "pixel" would capture raw form data and upload it to facebook.

[throwaway173738]

If facebook had the clear or hashed data anywhere else you’re still leaking it just with extra steps. Hashes don’t by themselves anonymize. If you have access to the original data it’s trivial to recompute the hash and build your association that way. You could assume the data is salted but that’s not always a safe assumption.

[austinpena]

I am not here to defend Meta, only clarify how data is transmitted.

Data is not salted as far as I can tell, it's normalized and hashed via SHA256. They publish SDKs for serverside integrations so you can see how the code is set up.

https://developers.facebook.com/docs/marketing-api/conversio...

[gcr]

Facebook knows the nine billion most common human names.

On my Mac, sha256() takes 288ns, so running nine billion of them to find the collision would take about 43 CPU-minutes.

[mkmk]

The whole point of sending the hash to FB is so that they can look it up against the hashes of people to whom they have served an ad.