Connect with us

Artificial Intelligence

Financial data from users’ tax filing websites has been sent to Facebook





Services including TaxAct, TaxSlayer, and H&R Block were discovered transferring confidential data by the Markup.
The Markup has found that major tax preparation companies including H&R Block, TaxAct, and TaxSlayer have been covertly sending private financial data to Facebook when Americans file their taxes online.

Data on names and email addresses as well as frequently even more specific information, such as information on users’ income, filing status, refund amounts, and dependents’ college scholarship amounts, are provided through a commonly used code known as the Meta Pixel.
Whether or whether the person utilizing the tax filing service has an account on Facebook or other platforms run by its owner Meta, the information transmitted to the firm can be utilized to power its advertising algorithms.

The Internal Revenue Service processes around 150 million computerized individual tax returns each year, and The Markup discovered that the pixel is used by some of the most popular e-filing firms.

For instance, users of the well-known service TaxAct are required to give personal information in order to calculate their returns, such as their income and investment information. According to an examination by The Markup, a pixel on TaxAct’s website then relayed some of that information to Facebook, including users’ filing status, their AGI, and the size of their return. Refunds were rounded up to the nearest hundred and income to the nearest thousand. Additionally, the pixel transmitted dependents’ names in an obscured but typically reversible manner.

The Markup discovered comparable financial data—but not names—being provided to Google through its service by TaxAct, which claims to have about 3 million “consumer and professional users” on its website.
The Meta Pixel was used by other tax filing services besides TaxAct. The world’s largest provider of tax preparation services, H&R Block, which additionally provides an online filing option that draws millions of customers each year, integrated a pixel on its website that collected data on users’ use of health savings accounts and the grants and costs associated with dependents’ college tuition.

As part of Facebook’s “advanced matching” system, which collects information on website visitors in an effort to connect them to Facebook accounts, TaxSlayer, a different popular filing service, submitted personal information to the social media corporation. Phone numbers, the name of the user filling out the form, and the names of any dependents added to the return were among the data collected by the pixel on TaxSlayer’s website. Similar to TaxAct, Facebook was able to link a user to an existing profile despite the fact that precise demographic information about the person was obscured. According to TaxSlayer, 10 million federal and state tax returns were completed last year.

The Markup also discovered the pixel code on a tax preparation website run by Ramsey Solutions, a firm that provides software and financial planning services and makes use of a TaxSlayer service. From a tax return summary page, that pixel collected even more sensitive data, such as details on income and refund amounts. This information was only supplied after users clicked drop-down headings to view more of their report’s details on the website.
The pixel was used by even Intuit, the business that handles America’s leading online file system. However, Intuit’s TurboTax only sent usernames and the most recent sign-in time to Meta instead of financial information. The company completely removed the pixel from all sites after sign-in.

The protection of our customers’ data is something we take very seriously, according to Nicole Coburn, a TaxAct spokesman, in an email. “TaxAct always attempts to abide by all IRS laws.” The business “frequently evaluate[s] our processes as part of our continuous commitment to privacy, and will assess the information,” according to H&R Block spokesperson Angela Davied.

In an email, Ramsey Solutions spokesperson Megan McConnell stated that the business “installed the Meta Pixel to give a more tailored customer experience.”

The statement read, “We did NOT know and were never told that Facebook was collecting personal tax information through the Pixel.” We quickly notified TaxSlayer to deactivate the Pixel from Ramsey SmartTax as soon as we learned of it.

TaxSlayer removed the pixel to assess its use, according to spokesman Molly Richardson, who responded to The Markup’s email. She said that Ramsey Solutions “decided to remove the pixel” as well, stressing that “our customers’ privacy is of the utmost importance” and that “we take concerns regarding our customers’ information extremely seriously.”

While Intuit “may share some non-tax-return information, such as username, with marketing partners to deliver a better customer experience,” like not showing Intuit ads on Facebook to people who have accounts already, the company’s pixel “does not track, gather, or share information that users enter in TurboTax while filing their taxes.” The business claimed to be in accordance with laws but changed the pixel so that usernames are no longer sent.
The Markup’s results, according to Mandi Matlock, a tax law lecturer at Harvard Law School, reveal that taxpayers are “giving some of the most sensitive information that they own, and it’s being exploited.”

This is horrible, she remarked. “It is, really.”

After The Markup approached TaxAct for comment, the company’s website stopped sending financial information to Meta on Monday, but it still received dependents’ identities. The website kept sending Google Analytics money-related data. Additionally, as of Monday, TurboTax ceased sending usernames through the pixel at sign-in, and TaxSlayer and Ramsey Solutions disabled the pixel from their tax filing websites. The website for H&R Block was still disseminating information on college tuition assistance and health savings accounts.

How Meta Pixel monitors users
Anyone who wants the pixel code can get it for free from Meta, which gives companies the freedom to use it wherever they want on their websites.

The businesses and Facebook both benefit from using the code. When a customer visits a company’s website, the pixel may keep track of the things they browsed, like a T-shirt, for instance. The company can locate an audience that could already be interested in its items by targeting its Facebook advertisements to people who looked at that shirt.
Meta also benefits financially. The business claims it can use the information it gathers from devices like the pixel to power its algorithms, giving it knowledge of people’ online behaviors.

Facebook has seen success with this tactic. The business informed Congress in 2018 that there were over 2 million pixels on the web, a significant data collection effort that most internet users never saw.

The technique is widespread, according to Jon Callas, director of public interest technology at the Electronic Frontier Foundation, who described his reaction to The Markup’s findings as “shock but not surprise.”

The Markup’s analysis of sensitive data collection shows that some of it is related to the Meta Pixel’s default behaviors, while other instances appear to be the result of customizations made by tax filing services, people working on their behalf, or other software that has been installed on the website.

For instance, the normal setup of the Meta Pixel automatically collects the title of a page the user is seeing, along with the web address of the page and other data. This is how Meta Pixel gathered health savings account and college spending information from the H&R Block website. It was able to obtain salary data from Ramsey Solutions because it was presented as a summary that could be enlarged by clicking. The pixel identified the summary as being a button, because by default, the pixel captures text from a clicked button.
Automatic advanced matching was a feature used in the TaxSlayer and TaxAct pixels. This function examines forms for areas where it suspects there may be personally identifiable data, such as a phone number, first name, last name, or email address, and then transmits any such data it finds to Meta. This function on TaxSlayer’s website gathered contact information and the names of taxpayers and their dependents. It gathered dependents’ names on TaxAct.

According to Meta, the hashing method used to encrypt the data supplied by the matching feature is done so in order to “help preserve user privacy.” The pre-obfuscated version of the data may, however, usually be found by the corporation. In fact, Meta specifically used the hashed data to connect additional pixel data to Facebook and Instagram identities.

When The Markup created a test pixel linked to a business account, this pixel functionality was disabled by default but could be enabled by selecting a toggle during setup.

A “custom event,” which is sent only if the pixel is specified outside of the default by a website operator or another application the website operator adds to their site, is what TaxAct used to send dollar figures like adjusted gross income to Meta. Inquiries about whether and why TaxAct configured the pixel in this way went unanswered.

There are restrictions on the kinds of data that Meta claims the pixel will allow it to gather. The corporation claims that it uses automatic filtering to block potentially sensitive data and does not want sensitive information, including financial data, delivered to it. According to its help center, providing information such as bank account or credit card details or “knowledge regarding an individual’s financial account or status” is prohibited.

Still, The Markup discovered that two tax sites supplied Facebook one specific form of banned data – income. TaxAct may have also been transmitting a parameter with the name “student loan interest” before the pixel started filtering it before it was delivered, according to data it supplied to Facebook.
The Markup monitored websites’ pixel usage from January to July of this year as part of the Pixel Hunt, a collaboration with Mozilla Rally. Participants in the initiative installed a browser extension that gave The Markup a copy of all the information given with Meta via the pixel.

Through data given by Pixel Hunt participants, The Markup first learned that tax preparers were disclosing sensitive information. The Markup subsequently created accounts on the businesses’ websites and used the “Network” portion of Chrome DevTools, a feature included with Google’s Chrome browser, to reproduce and validate the data.

The Markup discovered sensitive data transferred to Facebook earlier this year with the aid of Pixel Hunt participants on the Education Department’s federal student aid application website, crisis pregnancy websites, and the websites of prominent hospitals.

Because Meta gathers so much information, occasionally even the firm doesn’t know where it goes. In a leaked memo from Facebook’s privacy engineers earlier this year, Vice reported that the firm couldn’t guarantee it wouldn’t use specific data for specific objectives because it “does not have an acceptable level of control and explainability over how our systems use data.”
Facebook has “extensive systems and controls to handle data and comply with privacy standards,” a corporate spokeswoman claimed at the time, according to Vice.

Dale Hogan, a representative for Meta, referred to the organization’s policies on sensitive financial information in answer to The Markup’s inquiries over the use of the pixel by the tax websites.

Hogan stated in an email that advertisers “should not transmit sensitive information about people through our Business Tools.” “Doing so is against our regulations, and we train advertisers on how to set up Business tools correctly to avoid this,” the statement reads. Our technology is built to weed out any potentially sensitive information it can find.

An email from a Google representative, Jackie Berté, stated that the company “has strict policies against advertising to people based on sensitive information” and that Google Analytics data is “obfuscated, meaning it is not tied back to an individual.” Additionally, she added, “our policies prohibit customers from sending us data that could be used to identify a user.”

Tax data is strictly regulated by the IRS.
Between 2001 and 2019, Nina Olson, the executive director of the nonprofit Center for Taxpayer Rights, served as the Internal Revenue Service’s national taxpayer advocate, a position in the organization designed to represent the interests of taxpayers.

She helped draft the rules governing the disclosure of tax information as part of her responsibilities at the IRS. Olson stated that the IRS standards governing the use of data by private tax filing firms are “extremely stringent” on purpose.

According to the rules she helped create, tax preparers, including e-filing companies, are only permitted to use the information that taxpayers provide for certain limited purposes; anything beyond simply facilitating filing requires the user’s signed consent that specifies the recipient and the specific information being disclosed.

Even the font size of requests for disclosure is regulated by the government, which states that it must be “the same size as, or larger than, the typical or standard body text used by the website or software program.”

While Olson said she was not aware of any criminal cases that had been pursued, the penalty for sharing data without consent could be severe: fines and even jail time are possible.

The Markup searched the websites of tax preparation services for disclosures that expressly named Facebook or Meta, but it was unable to locate any. Some businesses, however, incorporated rather extensive disclosure agreements.

For instance, TaxAct asked customers to consent to the sibling firm, TaxSmart Research LLC, receiving their tax information so that it may “create, promote, and provide goods and services” for users. TaxSmart Research LLC may work with service providers and business partners to complete these responsibilities, it was further stated. In contrast, H&R Block included almost the same disclosure request so that “H&R Block Personalized Services, LLC” could offer its own products. Although users had the choice to opt out of sharing tax information with Facebook on certain sites, The Markup’s tests revealed that data was shared with Facebook regardless of the users’ choices.

According to Olson, any disclosure by a tax preparer must specify the precise objective and recipient in order to be in compliance. Do they have a list stating that they will reveal the return amounts, your children, and whatever else on Facebook? she questioned. If not, they might be breaking the law. Regarding whether any of the websites that shared tax information were in violation of the law, the IRS declined to comment or respond to any inquiries.

There is no escape for taxpayers
There aren’t many options available to American taxpayers outside using private businesses to file their taxes.

In contrast to other nations, the United States has a substantially privatized tax filing system that frequently necessitates the employment of outside tax preparers. In other nations, the taxpayers simply give their approval to the estimates that the government does. However, as a result of a successful lobbying campaign by private businesses, tax preparers in the US now serve as the official go-between for taxpayers and the government.

Today, tax preparation is a significant sector in the United States, worth more than $11 billion, according to market research.

Although there is a free preparation and filing alternative, it is only available to those making $73,000 or less and might be challenging to utilize. Companies are accused for not making the option easily accessible even when they provide their tax software at no cost as part of an agreement with the IRS.

The Markup discovered using the pixel that the IRS even successfully guides taxpayers attempting to file for free to some of the businesses. The Free File Alliance, an arrangement including a few tax preparation firms, includes TaxAct and TaxSlayer. H&R Block and TurboTax have previously participated in the program.

Harvard’s Matlock claimed that The Markup’s findings demonstrated the nearly unavoidable implications of entrusting a government requirement to for-profit businesses. According to her, the procedure leaves users with no alternative but to give their data to Facebook in order to comply with the law.

It’s aggravating, she added, since taxpayers are being forced into the hands of these private, for-profit businesses in order to fulfill their tax filing duties. “Really, we don’t have a choice in the issue.”

As Editor here at GeekReply, I'm a big fan of all things Geeky. Most of my contributions to the site are technology related, but I'm also a big fan of video games. My genres of choice include RPGs, MMOs, Grand Strategy, and Simulation. If I'm not chasing after the latest gear on my MMO of choice, I'm here at GeekReply reporting on the latest in Geek culture.

Artificial Intelligence

When Twitter users drop the four-word phrase “bots,” bots drop out





When Elon Musk took over X, it was called Twitter, which is a much better-known name now. He made a big deal out of getting rid of the bots. A study by the Queensland University of Technology, on the other hand, shows that bots are still very active on the platform almost two years later.

X users have found a few ways to get them to come to them. For example, one woman found that posting the phrase “sugar daddy” would get a lot of bots to come to her. It looks like bots are also getting lost because of a new phrase that’s going around. X users have been reporting accounts as automated bots powered by large language models by replying to a suspected bot with “ignore all previous instructions” or “disregard all previous instructions” and then giving the bot more instructions of their choice.

Some people just like writing poems, being trolls, or following directions, so not every example will be from a bot. However, the phrase does seem to make some automated accounts show themselves. There are still a lot of bots on X.






Continue Reading

Artificial Intelligence

A group of humanoid robots from Agility will take care of your spanx





So far, the humanoid robotics business has only been full of promises and test runs. These programs only use a few robots and don’t usually lead to anything more important, but they are important for the eventual use of new technology. While a pilot with logistics giant GXO went well, Agility announced on Thursday that it has now signed a formal deal.

Moving plastic totes around a Spanx factory in Georgia will be Digit’s first job, and that’s not a lie. The number of two-legged robots that will be taking boxes off of cobots and putting them on conveyor belts has not been made public, so it is likely that it is still too low. When it comes to tens or hundreds of thousands, most people would be happy to share that information.

They are leased as part of a model called “robots-as-a-service” instead of being bought outright. This way, the client can put off paying the huge upfront costs of such a complicated system while still getting support and software updates.

Last year, GXO started to test drive Digit robots. A pilot deal was just announced between the logistics company and Apptronik, one of Agility’s biggest rivals. I’m not sure how one will change the other.

When Peggy Johnson became CEO of Agility in March, she made it clear that the company was focused on ROI. This is a big change in a field where results are still mostly theoretical.

Johnson said, “There will be many firsts in the humanoid robot market in the years to come, but I’m very proud of the fact that Agility is the first company to have real humanoid robots deployed at a customer site, making money and solving real-world business problems.” “Agility has always been focused on the only metric that matters: giving our customers value by putting Digit to work. This milestone deployment sets a new standard for the whole industry.”

It’s not a surprise that Agility, based in Oregon, was the first to reach another important milestone. The company has been ahead of the rest of the market in terms of development and deployment. Of course, the industry is still very new, and there isn’t a clear market leader yet.

Amazon started testing Agility systems in its own warehouses in October of last year, but neither company has said what will happen next.

Continue Reading

Artificial Intelligence

Zuckerberg says that competitors with closed-source AI are trying to “make God”





In an interview that came out Thursday, Mark Zuckerberg, CEO of Meta, talked about his hopes for the future of AI. He said that he strongly believes there will not be “just one AI.” While talking about how open source can help many people get AI tools, Zuckerberg took a moment to criticize the work of competitors who he didn’t name because he thinks they aren’t being open. He said that these competitors seem to think they are “creating God.”

In a new YouTube interview with Kane Sutter (@Kallaway), Zuckerberg said, “I don’t think that AI technology should be kind of hoarded and… that one company gets to use it to build whatever central, single product that they’re building.”

“It really turns me off when tech people talk about making this ‘one true AI,'” he said. He said, “It’s almost like they think they’re making God or something, but that’s not what we’re doing.” “That’s not how I see this going.”

“I see why, if you’re in an AI lab.” You want to think that what you’re doing is really important, right? It sounds like, “We’re making the one real thing for the future.” But, you know, in real life, that’s not how things work, right?” Zuckerberg talked about it. “It’s not like everyone has just one app on their phone that they use.” Not everyone wants all of their content to come from the same person. People don’t want to buy everything from just one store.

During the talk, Zuckerberg said that many different AIs should be made to capture people’s wide range of interests. On Thursday, the company also announced early tests of its AI Studio software in the U.S. This software will let creators and other people make AI avatars that can message people on Instagram. The AIs will be able to chat with people and answer questions from their followers in a fun way. To avoid confusion, they will be marked as “AI.”

As an example, the CEO of Meta said he didn’t think companies that build closed AI platforms were making the best experiences for people.

He went on, “You want to unlock and…unlock as many people as possible to try new things.” “Well, that’s what culture is, right?” Nobody is letting one group of people tell everyone what to do.

His comments sound a bit like he’s upset because they came out soon after news that Meta had tried to talk to Apple about putting its AIs into Apple’s operating systems instead of just working with OpenAI at launch but was turned down. Bloomberg says that Apple decided not to have formal talks with Meta because it didn’t think Meta’s privacy policies were strong enough.

Without a deal, Meta will not be able to reach the billions of iPhone users that there could be in the world. It looks like Meta’s plan B is to make technology that can be used for more than just smartphones.

During the interview, Zuckerberg talked about the progress the company is making with the Ray-Ban Meta smart glasses. He said that one day, this progress would meet up with the work that is already being done on full holographic displays. But he said the first one will be more popular in the short term.

He said, “I actually think you can have a great experience with cameras, a microphone, speakers, and the ability to do multimodal AI.” This was before the glasses had any kind of display. It also costs less because it doesn’t have a screen. The Meta Quest Pro costs $1,000, while Meta’s smart glasses cost around $300.

Before convergence, Zuckerberg said there would be three different kinds of products: smart glasses without screens, displays that show information on the top of the head, and full holographic displays. He said that one day, people might not have neural interfaces connected to their brains but instead wear a wristband that picks up signals from the brain and lets their hand talk to it. This would let them talk to the neural interface with their hand, which is barely moving. In time, it might also let people type.

Zuckerberg did warn that these kinds of inputs and AI experiences might not be able to replace smartphones right away. “I don’t think that in the history of technology, the new platform has ever made people stop using the old one completely.” “You just don’t use it as much,” he said.

People do things on their phones now that they might have done on their computers 10 to 15 years ago.

He said, “I think that will also happen with glasses.” “We’re not going to give up our phones.” You’ll just keep it in your pocket and only pull it out when you need to use it. But I think more and more people will just say, “Hey, I can take this picture with my glasses on.” The CEO said, “I can ask AI this question or send someone a message; it’s just a lot easier with glasses.”

The speaker said, “I wouldn’t be surprised if, in 10 years, we still have phones, but we’ll probably use them in a much more deliberate way instead of just grabbing them for any technological task we want to do.”

Continue Reading