It is just lazy engineering. They want lookalikes. Fine. Collect, clean, mask the data in house and send it to FB. Dumpling to a 3rd party data directly from page is irresponsible to say the least as such "Opsies" are bound to happen.
they can’t do that. they don’t have the original data (it is owned by fb) to create the lookalike audience. methinks you don’t understand how these tracking doohickeys work
FB allows a custom audience to be built from identifiers like email, phone, etc. They claim it is hashed before use so they never see the raw data (not sure if they mean hashed client side or server side though).
This will rely on a user's FB account having the same email as used for BB, which could be unlikely in the case a company is paying for it. But it should work well enough for retail targeting.
All they say is they don't learn anything new about your customers. I would take that statement with a lot of caution. For one, they should know that I am a bb customer now. Having a graph of all the companies and products I use is huge PI.
> They claim it is hashed before use so they never see the raw data
If they can match hash data with real data, they can know more than they did before. Depending on what algorithm they use for hashing (no mention of it), they could be using a similarity hash so that will minimize changes if there are minor differences in the dataset.
Let's say I find a profile through comparing hash of email to email in Facebook's database. I can then compare additional information to see if a customer has provided incorrect information to Facebook as a user. Facebook could check if my address is similar to online shopping sites I use and if not, flag the account.
Yeah there is a lot of room to hide in the gaps of what they said.
Still, main point is you only need an identifier and none of the other data Facebook has. Pixels are not required for this as noted in the original comment, they probably have enough in the account details already.
> they don’t have the original data (it is owned by fb) to create the lookalike audience.
they have the original data of their own audience. So they can send it explicitly to FB (instead of FB sucking it from the page's pixel so to speak) for FB to build the lookalike audience which FB would do using the wide FB owned data.
the data they hold on their audience is irrelevant here. eg BB not collecting age and gender, and they don’t have the web history of the user (that fb pixel and thumbs icon enables). the lookalike audience is based on FB profile.
A have a question about creating lookalike audiences, by sending data to FB (either separate or through pixel tracking). Is that data not by definition PII, and so they are likely violating GDPR doing this?
the data sent by a pixel is not PII. it enables lookup of the existing PII. the company putting the pixel on their page isn’t collecting PII and this is outside of GDPR. the accidental transmission of file names doesn’t seem to be PII to me.
