USPS Shared Customers Postal Addresses With Meta, LinkedIn and Snap

An anonymous reader quotes a report from TechCrunch: The U.S. Postal Service was sharing the postal addresses of its online customers with advertising and tech giants Meta, LinkedIn and Snap, TechCrunch has found. On Wednesday, the USPS said it addressed the issue and stopped the practice, claiming that it was "unaware" of it. TechCrunch found USPS was sharing customers' information by way of hidden data-collecting code (also known as tracking pixels) used across its website. Tech and advertising companies create this kind of code to collect information about the user -- such as which pages they visit -- every time a webpage containing the code loads in the customer's browser.

In the case of USPS, some of that collected data included the postal addresses of logged-in USPS Informed Delivery customers, who use the service to see photos of their incoming mail before it arrives. It's not clear how many individuals had their information collected or for how long. Informed Delivery had more than 62 million users (PDF) as of March 2024. [...] The code also collected other data, such as information about the user's computer type and browser, which appeared as partly pseudonymized -- essentially scrambled in a way that makes it more difficult for humans to know where data came from, or who it relates to, by using randomized identifiers in place of real customer names. But researchers have long warned that pseudonymous data can still be used to re-identify seemingly anonymous individuals.

TechCrunch also found that tracking numbers entered into the USPS website were also shared with advertisers and tech companies, including Bing, Google, LinkedIn, Pinterest and Snap. Some in-transit tracking data was also shared, such as the real-world location of the mail in the postal system, even if the customer was not logged in to USPS' website. USPS spokesperson Jim McKean said in a statement: "The Postal Service leverages an analytics platform for our own internal purposes, so that we understand the usage of our products and services and which we use on an aggregated basis to market our products. The Postal Service does not sell or provide any personal information that is collected from this analytics platform to any third party, and we were unaware of any configuration of the platform that collected personal information from the URL and that shared it without our knowledge with social media."

"We have taken immediate action to remediate this issue," the spokesperson added, without saying what action was taken.

Back in the day

[LazarusQLong]

On several occasions it was discovered that some company's webmasters were doing this sort of thing to earn extra cash on the side... in most cases this did not end well for the webmaster, when caught.

Re: Back in the day

[Speare]

Sounds on-brand for somehow-still-USPS-Postmaster-General Dejoy.

Re:

[LazarusQLong]

Yep, I had forgotten about that jerk. I did see him grilled by congress for a few minutes, it was surprising the amount of bullshit he could spew in that short amount of time before I got my blood pressure up and had to switch to YouTube videos of kittens and puppies to bring it back down.

Hey they got bills to paid

[BigFire]

Bonuses to be had.

Accident? BS

[Holi]

How do you accidentally sell something you have never sold before? This has Dejoy written all over it.. It started during Covid apparently.

https://x.com/EdWorkforceCmte/... [x.com]

RTFS

[rsilvergun]

They include it some of Facebook's code in their website, same for LinkedIn and just doing that was enough for Facebook and LinkedIn both to scrape data from their website.

USPS is just as much a victim here as anyone else. The criminals here are Facebook and LinkedIn for screen scraping data they weren't entitled to and didn't disclose that they would be taking.

These kind of privacy violations for doing something as simple as including a bit of linking code have been known for a while. Every so often Facebook gets caught doing it and there's a scary article on slashdot but no laws are changed or even enforced with the existing laws so they just keep doing it.

We need to change how we vote in this country. People need to stop voting for the name they recognize and actually do a little googling before they vote. And they need to vote in primary elections.

Also there's a sizable portion of the population that needs to mind their own fucking business and stop indulging in moral panics every few years. They know who they are and I've already triggered them by mentioning them. Because they know what they're doing is wrong and stupid and hurts themselves but they can't stop it cuz they love it so much.

Re:

[LazarusQLong]

I wish voters were more rational in their choices and didn't just continuously vote for the devil they know, then expect changes. But that is a forlorn hope.

Voters don't want change

[rsilvergun]

In general it's been for the worst their entire lives. Since 1970 things have gotten worse non-stop so that voters have become intensely conservative, not right wing conservative. The problem of course is the right wing has branded themselves conservative so people think they're the safe choice when they are anything but.

The solution is more education. A YouTube channel called some more news did a long video about Ronald Reagan and every time I learn more about Reagan's administration I'm a little bit m

Re:

[LazarusQLong]

thanks for these insights. Critical thinking is a skill I don't see much of these days.

Re:

[Ceseuron]

These kind of privacy violations for doing something as simple as including a bit of linking code have been known for a while. Every so often Facebook gets caught doing it and there's a scary article on slashdot but no laws are changed or even enforced with the existing laws so they just keep doing it.

Even when the laws are enforced, the punishments are either pathetically small or the terms of the settlement so favorable to the offender that there's no deterrence against repeating the same offenses. Punishments need to be bankruptcy inducing events and there needs to be mandatory minimum jail terms for C-Suite executives for first time offenders, with repeat offenders being forcibly shut down and all their assets seized and liquidated for the purposes of paying compensation to the victims. The Cambridge

Re:

[tlhIngan]

Government sells your data. Period.

The DMV is a particularly notorious agency that does it - it routinely sells new registration information to interested parties which is why after you buy a new car you get inundated with ads and stuff for things your new car needs. They also routinely sell your address information to advertisers - if you wonder how direct-mail junk mail (junk mail specifically addressed to you) gets to you, that's how.

You can apparently buy a lot of information from the state for commerci

Re:

[dcooper_db9]

Not the United States Federal Government and especially not the postal service. Of course it's one thing to have laws on the books and another thing to have them enforced.

https://about.usps.com/who/leg... [usps.com]

What “sharing” truly means.

[geekmux]

Every time I read about some company caught “sharing” data, it reminds me of every time the media wants to label celebrities as “dating”.

Stop bullshitting and call it what it is already; people fucking other people.

The news here isn't that the USPS did this

[rsilvergun]

It's that Facebook and LinkedIn are using code injection style techniques to steal information when you do something is innocuous as include a little bit of their code in your website.

It feels like they have violated some sort of law but we don't really enforce laws anymore in this country. At least not against anyone with money.

anti-tracking technology usage is now imperative

[LeadGeek]

I run a combination of u-block origin for Firefox/Chromium/Chrome (dnssec disabled), and pi-hole on my home network, with a pretty substantial filter list. I end up breaking a lot of seach-based product advertisements, and while it does annoy family members, I feel it is worth the tradeoff. It's amazing how many times the same items on Amazon are a few dollars cheaper for me than listed on my wife's phone.

Please stop calling them tracking pixels.

[Seclusion]

Pixels are part of images and might even sound harmless. This code is likely JavaScript and it can be far from harmless. https://developers.facebook.co... [facebook.com]

The Meta Pixel is a snippet of JavaScript code that loads a small library of functions you can use to track Facebook ad-driven visitor activity on your website.

Re:

[Chelloveck]

Well yes... now. When the term was coined they literally were just single pixel image files, because before there was Javascript you could count on a browser loading images and tickling a unique URL. The 1x1 image file, usually a transparent GIF, was actually served to avoid the dreaded "broken image" icon tipping off the user that they were being tracked.

Now the "tracking pixel" has evolved into something more than just a pixel. But complaining about the name is like complaining that we call smartphones

Unaware?

[Bruce66423]

' On Wednesday, the USPS said it addressed the issue and stopped the practice, claiming that it was "unaware" of it.'

Naughty partisan joke.... I didn't think Biden was postmaster general... ;)

Back in the old days...

[BringsApples]

There was a thing called a phonebook. In it were listed the names, addresses and telephone numbers for EVERYONE in town, unless they paid to NOT have it in there. AND PEOPLE LIKED THIS FEATURE OF OUR SOCIETY back then, because it was useful.

Re: Back in the old days...

[pinheadcelt]

And itâ(TM)s your opinion that USPS sharing this information in electronic form in this day and age is exactly the same as the phone book? Listen, Iâ(TM)m old, too, but I also follow trends.

Re:

[ffkom]

There was a thing called a phonebook. In it were listed the names, addresses and telephone numbers for EVERYONE in town

Back in those days spamming someone incurred significant cost, so the knowledge from those phone books was abused much less frequently than addresses are abused now, at almost no cost for the SPAMer, and automatically.

Correction to the title

[93 Escort Wagon]

USPS Shared Chrome Browser Using Customers Postal Addresses With Meta, LinkedIn and Snap

If you use Chrome, you've got no one to blame but yourself.

DeJoy

[whitroth]

At what point can we have him arrested, tried, convicted, and jailed for deliberately working to destroy the US mail?

Until he came in, I'd get all my monthly bills by the 10th. Now - I've gotten some on the 23rd of the month.